{"resultsPerPage":416,"startIndex":0,"totalResults":416,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-12T16:39:38.649","vulnerabilities":[{"cve":{"id":"CVE-2021-22769","sourceIdentifier":"cybersecurity@se.com","published":"2021-06-11T16:15:10.730","lastModified":"2026-06-29T14:16:34.543","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted."},{"lang":"es","value":"Un CWE-552: Archivos o directorios accesibles a partes externas en el Easergy T300 con firmware versión V2.7.1 y anterior que podría exponer el contenido de archivos o directorios cuando el acceso de un atacante no está restringido o está restringido incorrectamente."}],"affected":[{"source":"cybersecurity@se.com","affectedData":[{"vendor":"n/a","product":"Easergy T300 with firmware V2.7.1 and older","versions":[{"version":"Easergy T300 with firmware V2.7.1 and older","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:24:15.548623Z","id":"CVE-2021-22769","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:easergy_t300_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"2.7.1","matchCriteriaId":"E07AFED6-47CC-4A19-80DB-C537F4F07736"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:easergy_t300:-:*:*:*:*:*:*:*","matchCriteriaId":"45E6C3FA-001D-449A-A512-327FA0C9AC5A"}]}]}],"references":[{"url":"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-02","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-27722","sourceIdentifier":"cve@mitre.org","published":"2021-11-02T11:15:08.700","lastModified":"2026-06-29T18:28:31.897","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Nsasoft US LLC SpotAuditor 5.3.5. The program can be crashed by entering 300 bytes char data into the \"Key\" or \"Name\" field while registering."},{"lang":"es","value":"Se ha detectado un problema en Nsasoft US LLC SpotAuditor versión 5.3.5. El programa puede bloquearse si se introducen 300 bytes de datos en el campo \"Key\" o \"Name\" mientras se registra"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:spotauditor:5.3.5:*:*:*:*:*:*:*","matchCriteriaId":"472B602B-E896-46D8-9946-1294F440E6EB"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/49590","source":"cve@mitre.org","tags":["Not Applicable","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49638","source":"cve@mitre.org","tags":["Not Applicable","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49590","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49638","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-0645","sourceIdentifier":"cve-coordination@google.com","published":"2023-04-11T14:15:07.590","lastModified":"2026-06-29T20:16:50.417","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit  https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 "}],"affected":[{"source":"cve-coordination@google.com","affectedData":[{"vendor":"Libjxl","product":"Libjxl","defaultStatus":"unaffected","repo":"https://github.com/libjxl/libjxl","versions":[{"version":"0.7.0","lessThan":"0.8.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve-coordination@google.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-07T16:31:00.592408Z","id":"CVE-2023-0645","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve-coordination@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libjxl_project:libjxl:*:*:*:*:*:*:*:*","versionEndExcluding":"0.8.1","matchCriteriaId":"30A57BDB-FA83-4502-B7BC-2671A50DFC5D"}]}]}],"references":[{"url":"https://github.com/libjxl/libjxl/pull/2101","source":"cve-coordination@google.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159","source":"cve-coordination@google.com","tags":["Patch"]},{"url":"http://www.openwall.com/lists/oss-security/2026/06/29/3","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/libjxl/libjxl/pull/2101","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}},{"cve":{"id":"CVE-2024-21490","sourceIdentifier":"report@snyk.io","published":"2024-02-10T05:15:08.650","lastModified":"2026-06-29T16:16:33.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"This affects versions of the package angular from 1.3.0; versions of the package angularjs from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. \r\r\r**Note:**\r\rThis package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core)."},{"lang":"es","value":"Esto afecta a las versiones del paquete angular desde 1.3.0. Una expresión regular utilizada para dividir el valor de la directiva ng-srcset es vulnerable a un tiempo de ejecución superlineal debido al retroceso. Con una gran cantidad de información cuidadosamente elaborada, esto puede resultar en un retroceso catastrófico y provocar una denegación de servicio. **Nota:** Este paquete está en EOL y no recibirá ninguna actualización para solucionar este problema. Los usuarios deben migrar a [@angular/core](https://www.npmjs.com/package/@angular/core)."}],"affected":[{"source":"report@snyk.io","affectedData":[{"vendor":"n/a","product":"angular","versions":[{"version":"1.3.0","lessThan":"*","versionType":"semver","status":"affected"}]},{"vendor":"n/a","product":"org.webjars.bower:angular","versions":[{"version":"1.3.0","lessThan":"*","versionType":"semver","status":"affected"}]},{"vendor":"n/a","product":"org.webjars.npm:angular","versions":[{"version":"1.3.0","lessThan":"*","versionType":"semver","status":"affected"}]},{"vendor":"n/a","product":"angularjs","versions":[{"version":"1.3.0","lessThan":"*","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"report@snyk.io","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-02-12T19:24:29.584548Z","id":"CVE-2024-21490","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"report@snyk.io","type":"Secondary","description":[{"lang":"en","value":"CWE-1333"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1333"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angularjs:angular.js:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.0","matchCriteriaId":"BAF43CA0-8F6F-4B34-AE11-85134A4E8491"}]}]}],"references":[{"url":"https://security.snyk.io/vuln/SNYK-DOTNET-ANGULARJS-10771616","source":"report@snyk.io"},{"url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746","source":"report@snyk.io","tags":["Third Party Advisory"]},{"url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747","source":"report@snyk.io","tags":["Third Party Advisory"]},{"url":"https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113","source":"report@snyk.io","tags":["Third Party Advisory"]},{"url":"https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos","source":"report@snyk.io","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://support.herodevs.com/hc/en-us/articles/25715686953485-CVE-2024-21490-AngularJS-Regular-Expression-Denial-of-Service-ReDoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-9675","sourceIdentifier":"secalert@redhat.com","published":"2024-10-09T15:15:17.837","lastModified":"2026-06-29T21:16:30.593","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah."},{"lang":"es","value":"Se encontró una vulnerabilidad en Buildah. Los montajes de caché no validan correctamente que las rutas especificadas por el usuario para el caché estén dentro de nuestro directorio de caché, lo que permite que una instrucción `RUN` en un archivo de contenedor monte un directorio arbitrario desde el host (lectura/escritura) en el contenedor siempre que el usuario que ejecuta Buildah pueda acceder a esos archivos."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://github.com/containers/buildah","packageName":"buildah","versions":[{"version":"0","lessThan":"1.38.0","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"8100020241023085649.afee755d","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"8060020241028154646.3b538bd8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"8060020241028154646.3b538bd8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"8060020241028154646.3b538bd8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"8080020241025064551.0f77c1b7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"2:1.33.10-1.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"4:4.9.4-16.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"4:5.2.2-9.el9_5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"2:1.37.5-1.el9_5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:rhel_eus:9.0::appstream"],"versions":[{"version":"1:1.26.8-2.el9_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:rhel_eus:9.0::appstream"],"versions":[{"version":"2:4.2.0-5.el9_0.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"1:1.29.4-1.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"2:4.4.1-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-docker-builder","cpes":["cpe:/a:redhat:openshift:4.12::el8","cpe:/a:redhat:openshift:4.12::el9"],"versions":[{"version":"v4.12.0-202503181728.p0.ge355452.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.13::el8","cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"3:4.4.1-15.rhaos4.13.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-docker-builder","cpes":["cpe:/a:redhat:openshift:4.13::el8","cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"v4.13.0-202503111300.p0.gb379980.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"3:4.4.1-21.rhaos4.14.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-docker-builder","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"3:4.4.1-32.rhaos4.15.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-docker-builder","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.16::el8","cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"4:4.9.4-12.rhaos4.16.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-docker-builder-rhel9","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"v4.16.0-202503121138.p0.g31c3c26.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.17::el8","cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"5:5.2.2-1.rhaos4.17.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-docker-builder-rhel9","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"v4.17.0-202503041005.p0.gc3b0999.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-docker-builder-rhel9","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"v4.18.0-202503040802.p0.g6a5ec2a.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ocp-tools-4/jenkins-agent-base-rhel8","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ocp-tools-4/jenkins-rhel8","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"skopeo","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"conmon","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"conmon","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"cri-o","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"quay/quay-builder-rhel8","cpes":["cpe:/a:redhat:quay:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T16:16:25.550764Z","id":"CVE-2024-9675","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:buildah_project:buildah:-:*:*:*:*:*:*:*","matchCriteriaId":"9A0BE187-A047-44BB-A0EC-E91A6AF6DD60"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*","matchCriteriaId":"1FFF1D51-ABA8-4E54-B81C-A88C8A5E4842"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*","matchCriteriaId":"486B3F69-1551-4F8B-B25B-A5864248811B"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.15:*:*:*:*:*:*:*","matchCriteriaId":"4716808D-67EB-4E14-9910-B248A500FAFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*","matchCriteriaId":"0EBB38E1-4161-402D-8A37-74D92891AAC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*","matchCriteriaId":"F4B66318-326A-43E4-AF14-015768296E4E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*","matchCriteriaId":"62C31522-0A17-4025-B269-855C7F4B45C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*","matchCriteriaId":"4DDA3E5A-8754-4C48-9A27-E2415F8A6000"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*","matchCriteriaId":"3C74F6FA-FA6C-4648-9079-91446E45EE47"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*","matchCriteriaId":"B03506D7-0FCD-47B7-90F6-DDEEB5C5A733"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"5A47EF78-A5B6-4B89-8B74-EEB0647C549F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"213593D4-EB5A-4A1B-BDF3-3F043C5F6A6C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"E25C58BA-4E10-4D6A-84C4-FB48A4185486"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"9A879F9F-F087-45D4-BD65-2990276477D2"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"01363FFA-F7A6-43FC-8D47-E67F95410095"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"32AF225E-94C0-4D07-900C-DD868C05F554"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"FB056B47-1F45-4CE4-81F6-872F66C24C29"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*","matchCriteriaId":"22C65F53-D624-48A9-A9B7-4C78A31E19F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"0CC06C2A-64A5-4302-B754-A4DC0E12FE7C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*","matchCriteriaId":"26041661-0280-4544-AA0A-BC28FCED4699"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*","matchCriteriaId":"F843B777-5C64-4CAE-80D6-89DC2C9515B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"23D471AC-7DCA-4425-AD91-E5D928753A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"F91F9255-4EE1-43C7-8831-D2B6C228BFD9"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"62D3FD78-5B63-4A1B-B4EE-9B098844691E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"99952557-C766-4B9E-8BF5-DBBA194349FF"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","matchCriteriaId":"76C24D94-834A-4E9D-8F73-624AFA99AAA2"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*","matchCriteriaId":"F32CA554-F9D7-425B-8F1C-89678507F28C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*","matchCriteriaId":"39D345D3-108A-4551-A112-5EE51991411A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"6C138DAF-9769-43B0-A9E6-320738EB3415"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"18037675-B4D3-401E-96D3-9EA3C1993920"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"3DA48001-66CC-4E71-A944-68D7D654031E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"CC6A25CB-907A-4D05-8460-A2488938A8BE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"3C30F155-DF7D-4195-92D9-A5B80407228D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","matchCriteriaId":"1272DF03-7674-4BD4-8E64-94004B195448"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*","matchCriteriaId":"F1CA946D-1665-4874-9D41-C7D963DD1F56"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*","matchCriteriaId":"FB096D5D-E8F6-4164-8B76-0217B7151D30"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*","matchCriteriaId":"01ED4F33-EBE7-4C04-8312-3DA580EFFB68"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*","matchCriteriaId":"083AAC55-E87B-482A-A1F4-8F2DEB90CB23"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*","matchCriteriaId":"1FD9BF0E-7ACF-4A83-B754-6E3979ED903F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.4:*:*:*:*:*:*:*","matchCriteriaId":"18B7F648-9A31-4EE5-A215-C860616A4AB7"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:8563","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8675","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8679","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8686","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8690","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8700","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8703","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8707","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8708","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8709","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8846","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8984","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:8994","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:9051","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:9454","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2024:9459","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2445","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2449","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2454","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2701","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2710","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3301","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3573","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2024-9675","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317458","source":"secalert@redhat.com","tags":["Issue Tracking"]}]}},{"cve":{"id":"CVE-2024-51330","sourceIdentifier":"cve@mitre.org","published":"2024-11-15T19:15:08.057","lastModified":"2026-06-29T17:47:58.630","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in UltiMaker Cura v.4.41 and 5.8.1 and before allows a local attacker to execute arbitrary code via Inter-process communication (IPC) mechanism between Cura application and CuraEngine processes, localhost network stack, printing settings and G-code processing and transmission components, Ultimaker 3D Printers."},{"lang":"es","value":"Un problema en UltiMaker Cura v.4.41 y 5.8.1 y anteriores permite a un atacante local ejecutar código arbitrario a través del mecanismo de comunicación entre procesos (IPC) entre la aplicación Cura y los procesos de CuraEngine, la pila de red del host local, las configuraciones de impresión y los componentes de procesamiento y transmisión de código G, impresoras 3D Ultimaker."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":4.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-27T17:05:09.941618Z","id":"CVE-2024-51330","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ultimaker:ultimaker_cura:*:*:*:*:*:*:*:*","versionEndIncluding":"5.8.1","matchCriteriaId":"C05A8A89-0B74-45DF-A695-49FAC43FC434"}]}]}],"references":[{"url":"https://gist.github.com/HalaAli198/ff06d7a94c06cdfb821dec4d6303e01b","source":"cve@mitre.org","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-12085","sourceIdentifier":"secalert@redhat.com","published":"2025-01-14T18:15:25.123","lastModified":"2026-06-29T21:16:30.140","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time."},{"lang":"es","value":"Se encontró un fallo en rsync daemon que podría activarse cuando rsync compara sumas de comprobación de archivos. Este fallo permite a un atacante manipular la longitud de la suma de comprobación (s2length) para provocar una comparación entre una suma de comprobación y una memoria no inicializada y filtrar un byte de datos de pila no inicializados a la vez."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://github.com/RsyncProject/rsync","packageName":"rsync","versions":[{"version":"0","lessThanOrEqual":"3.3.0","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:3.4.1-2.el10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_els:6"],"versions":[{"version":"0:3.0.6-12.el6_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:3.1.2-12.el7_9.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.1.3-20.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:3.1.3-7.el8_2.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:3.1.3-12.el8_4.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:3.1.3-12.el8_4.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:3.1.3-12.el8_4.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:3.1.3-14.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:3.1.3-14.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:3.1.3-14.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:rhel_eus:8.8::baseos"],"versions":[{"version":"0:3.1.3-20.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.2.3-20.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.2.3-20.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream","cpe:/o:redhat:rhel_e4s:9.0::baseos"],"versions":[{"version":"0:3.2.3-9.el9_0.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream","cpe:/o:redhat:rhel_eus:9.2::baseos"],"versions":[{"version":"0:3.2.3-19.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/o:redhat:rhel_eus:9.4::baseos"],"versions":[{"version":"0:3.2.3-19.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.12::el8"],"versions":[{"version":"412.86.202502100314-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.13::el8","cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"413.92.202503112237-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"414.92.202502111902-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"415.92.202501281917-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-ansible-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"v4.16.0-202501311735.p0.g2cb0020.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-helm-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"v4.16.0-202501311933.p0.g4246d04.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift4/ose-operator-sdk-rhel9","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"v4.16.0-202501311605.p0.g4246d04.assembly.stream.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"417.94.202502051822-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/cluster-logging-operator-bundle","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v5.8.17-22","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/cluster-logging-rhel9-operator","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v5.8.17-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/elasticsearch6-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v6.8.1-454","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/elasticsearch-operator-bundle","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v5.8.17-17","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/elasticsearch-proxy-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v1.0.0-537","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/elasticsearch-rhel9-operator","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v5.8.17-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/eventrouter-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v0.4.0-339","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/fluentd-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v5.8.17-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/log-file-metric-exporter-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v1.1.0-320","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/logging-curator5-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v5.8.1-552","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/logging-loki-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v3.3.2-9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/logging-view-plugin-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v5.8.17-5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/loki-operator-bundle","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v5.8.17-12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/loki-rhel9-operator","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v5.8.17-5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/lokistack-gateway-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v0.1.0-725","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/opa-openshift-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v0.1.0-342","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.8-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/vector-rhel9","cpes":["cpe:/a:redhat:logging:5.8::el9"],"versions":[{"version":"v0.28.1-88","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/cluster-logging-operator-bundle","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v5.9.11-25","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/cluster-logging-rhel9-operator","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v5.9.11-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/eventrouter-rhel9","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v0.4.0-340","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/fluentd-rhel9","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v5.9.11-5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/log-file-metric-exporter-rhel9","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v1.1.0-321","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/logging-loki-rhel9","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v3.3.2-8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/logging-view-plugin-rhel9","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v5.9.11-6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/loki-operator-bundle","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v5.9.11-9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/loki-rhel9-operator","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v5.9.11-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/lokistack-gateway-rhel9","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v0.1.0-724","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/opa-openshift-rhel9","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v0.1.0-341","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOL-5.9-RHEL-9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-logging/vector-rhel9","cpes":["cpe:/a:redhat:logging:5.9::el9"],"versions":[{"version":"v0.34.1-30","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift Compliance Operator 1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-compliance-must-gather-rhel8","cpes":["cpe:/a:redhat:openshift_compliance_operator:1::el9"],"versions":[{"version":"1.8.0","lessThan":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-27T04:55:14.796829Z","id":"CVE-2024-12085","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-908"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-908"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:samba:rsync:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"C3A9FCFD-8115-4C36-95D1-625B124ED9F9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift:5.0:*:*:*:*:*:*:*","matchCriteriaId":"3FD9C791-100F-4672-AB43-94B80DFAF818"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*","matchCriteriaId":"40449571-22F8-44FA-B57B-B43F71AB25E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*","matchCriteriaId":"1FFF1D51-ABA8-4E54-B81C-A88C8A5E4842"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*","matchCriteriaId":"486B3F69-1551-4F8B-B25B-A5864248811B"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.15:*:*:*:*:*:*:*","matchCriteriaId":"4716808D-67EB-4E14-9910-B248A500FAFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*","matchCriteriaId":"0EBB38E1-4161-402D-8A37-74D92891AAC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*","matchCriteriaId":"F4B66318-326A-43E4-AF14-015768296E4E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*","matchCriteriaId":"62C31522-0A17-4025-B269-855C7F4B45C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*","matchCriteriaId":"3C74F6FA-FA6C-4648-9079-91446E45EE47"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*","matchCriteriaId":"B03506D7-0FCD-47B7-90F6-DDEEB5C5A733"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:9.6:*:*:*:*:*:*:*","matchCriteriaId":"C4CF8D2F-DACA-49C2-A9F4-63496B0A9A80"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"5A47EF78-A5B6-4B89-8B74-EEB0647C549F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"D85E0DBA-A856-472A-8271-A4F37C35F952"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"213593D4-EB5A-4A1B-BDF3-3F043C5F6A6C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"01363FFA-F7A6-43FC-8D47-E67F95410095"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"CA15BFFC-B8E8-4EE3-8E14-8C95DF6C99C4"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"32AF225E-94C0-4D07-900C-DD868C05F554"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"FB056B47-1F45-4CE4-81F6-872F66C24C29"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*","matchCriteriaId":"2E068ABB-31C2-416E-974A-95E07A2BAB0A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*","matchCriteriaId":"22C65F53-D624-48A9-A9B7-4C78A31E19F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*","matchCriteriaId":"F843B777-5C64-4CAE-80D6-89DC2C9515B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:*","matchCriteriaId":"778ACA25-ED77-4EFC-A183-DE094C58B268"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"23D471AC-7DCA-4425-AD91-E5D928753A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.8_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"5B4A41C6-7ECB-4F3D-AB10-96F2D00B6840"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"ED521457-498F-4E43-B714-9A3F2C3CD09A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"0516993E-CBD5-44F1-8684-7172C9ABFD0A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","matchCriteriaId":"51EF4996-72F4-4FA4-814F-F5991E7A8318"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"6897676D-53F9-45B3-B27F-7FF9A4C58D33"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"E28F226A-CBC7-4A32-BE58-398FA5B42481"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","matchCriteriaId":"76C24D94-834A-4E9D-8F73-624AFA99AAA2"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*","matchCriteriaId":"F32CA554-F9D7-425B-8F1C-89678507F28C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*","matchCriteriaId":"39D345D3-108A-4551-A112-5EE51991411A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*","matchCriteriaId":"0FDD919E-B7FE-4EC5-8D6B-EC9A4723D6E2"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"6E645F29-0FE0-477F-969A-55F009AB018C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"6C138DAF-9769-43B0-A9E6-320738EB3415"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"18037675-B4D3-401E-96D3-9EA3C1993920"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"3DA48001-66CC-4E71-A944-68D7D654031E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"CC6A25CB-907A-4D05-8460-A2488938A8BE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"3C30F155-DF7D-4195-92D9-A5B80407228D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.6_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"41F1A2F3-BCEF-4A8C-BA2F-DF1FF13E6179"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"AC10D919-57FD-4725-B8D2-39ECB476902F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","matchCriteriaId":"1272DF03-7674-4BD4-8E64-94004B195448"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*","matchCriteriaId":"F1CA946D-1665-4874-9D41-C7D963DD1F56"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*","matchCriteriaId":"E881C927-DF96-4D2E-9887-FF12E456B1FB"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*","matchCriteriaId":"FB096D5D-E8F6-4164-8B76-0217B7151D30"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*","matchCriteriaId":"083AAC55-E87B-482A-A1F4-8F2DEB90CB23"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*","matchCriteriaId":"1FD9BF0E-7ACF-4A83-B754-6E3979ED903F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.6:*:*:*:*:*:*:*","matchCriteriaId":"554AA8CA-A930-4788-B052-497E09D48381"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:almalinux:almalinux:8.0:-:*:*:*:*:*:*","matchCriteriaId":"F34AA7F4-6ECE-4FA5-A310-3509648BD7C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:almalinux:almalinux:9.0:-:*:*:*:*:*:*","matchCriteriaId":"57B93E9A-1483-4FF7-BF45-BD0D7D9F1747"},{"vulnerable":true,"criteria":"cpe:2.3:o:almalinux:almalinux:10.0:-:*:*:*:*:*:*","matchCriteriaId":"66FD02F3-C1C2-4E1D-98C1-8889004437D4"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:archlinux:arch_linux:-:*:*:*:*:*:*:*","matchCriteriaId":"4824AE2D-462B-477D-9206-3E2090A32146"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gentoo:linux:-:*:*:*:*:*:*:*","matchCriteriaId":"92121D8A-529E-454A-BC8D-B6E0017E615D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:*","versionEndExcluding":"24.11","matchCriteriaId":"213883D5-9E62-4496-82E3-D5377995C257"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*","matchCriteriaId":"1FB65EF0-0E6A-4178-8564-3CC96891A072"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tritondatacenter:smartos:*:*:*:*:*:*:*:*","versionEndExcluding":"20250123","matchCriteriaId":"8EBD774C-F48F-45EC-A5DD-B1E56E54EF71"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHBA-2025:6470","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:0324","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0325","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0637","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0688","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0714","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0774","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0787","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0790","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0849","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0884","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:0885","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:1120","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:1123","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:1128","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:1225","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:1227","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:1242","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:1451","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:21885","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2701","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2024-12085","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2330539","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://kb.cert.org/vuls/id/952657","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00008.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20250131-0002/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.kb.cert.org/vuls/id/952657","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-12084","sourceIdentifier":"secalert@redhat.com","published":"2025-01-15T15:15:10.537","lastModified":"2026-06-29T21:16:29.923","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer."},{"lang":"es","value":"Se encontró un fallo de desbordamiento de búfer basado en montón en rsync daemon. Este problema se debe a una gestión inadecuada de las longitudes de suma de comprobación controladas por el atacante (s2length) en el código. Cuando MAX_DIGEST_LEN excede el valor fijo SUM_LENGTH (16 bytes), un atacante puede escribir fuera de los límites en el búfer de sum2."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://github.com/RsyncProject/rsync","packageName":"rsync","versions":[{"version":"3.2.7","status":"affected"},{"version":"3.3.0","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:3.4.1-2.el10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rsync","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-27T04:55:13.179697Z","id":"CVE-2024-12084","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:samba:rsync:3.2.7:-:*:*:*:*:*:*","matchCriteriaId":"68EE0770-DDA7-4DF1-8605-48FF14BE3E94"},{"vulnerable":true,"criteria":"cpe:2.3:a:samba:rsync:3.3.0:-:*:*:*:*:*:*","matchCriteriaId":"F51AFAF2-4D1D-4827-942D-2004648B01FA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:almalinux:almalinux:10.0:-:*:*:*:*:*:*","matchCriteriaId":"66FD02F3-C1C2-4E1D-98C1-8889004437D4"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:archlinux:arch_linux:-:*:*:*:*:*:*:*","matchCriteriaId":"4824AE2D-462B-477D-9206-3E2090A32146"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gentoo:linux:-:*:*:*:*:*:*:*","matchCriteriaId":"92121D8A-529E-454A-BC8D-B6E0017E615D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nixos:nixos:*:*:*:*:*:*:*:*","versionEndExcluding":"24.11","matchCriteriaId":"213883D5-9E62-4496-82E3-D5377995C257"},{"vulnerable":true,"criteria":"cpe:2.3:o:nixos:nixos:24.11:*:*:*:*:*:*:*","matchCriteriaId":"0645D7C7-C292-4C57-A8F9-D2F507A7C4D8"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:novell:suse_linux:-:*:*:*:*:*:*:*","matchCriteriaId":"B627E2A9-DE93-43FB-BFB7-5B6F421554D5"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tritondatacenter:smartos:*:*:*:*:*:*:*:*","versionEndExcluding":"20250123","matchCriteriaId":"8EBD774C-F48F-45EC-A5DD-B1E56E54EF71"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHBA-2025:6470","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2024-12084","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2330527","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://kb.cert.org/vuls/id/952657","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2025/01/14/6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20250131-0002/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.kb.cert.org/vuls/id/952657","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-11218","sourceIdentifier":"secalert@redhat.com","published":"2025-01-22T05:15:08.903","lastModified":"2026-06-29T21:16:29.563","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host."},{"lang":"es","value":"Se encontró una vulnerabilidad en `podman build` y `buildah`. Este problema ocurre en una ruptura de contenedor mediante el uso de --jobs=2 y una condición ejecución al crear un Containerfile malicioso. SELinux podría mitigarlo, pero incluso con SELinux activado, aún permite la enumeración de archivos y directorios en el host."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://github.com/containers/buildah","packageName":"buildah","versions":[{"version":"0","lessThan":"1.33.12","versionType":"semver","status":"affected"},{"version":"1.35.0","lessThan":"1.35.5","versionType":"semver","status":"affected"},{"version":"1.37.0","lessThan":"1.37.6","versionType":"semver","status":"affected"},{"version":"1.38.0","lessThan":"1.38.1","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"8100020250124120243.afee755d","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"8060020250203202123.3b538bd8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"8060020250203202123.3b538bd8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"8060020250203202123.3b538bd8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"container-tools:rhel8","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"8080020250207173112.0f77c1b7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"4:5.2.2-13.el9_5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"2:1.37.6-1.el9_5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"2:4.2.0-6.el9_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"1:1.26.9-1.el9_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"1:1.29.5-1.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"2:4.4.1-22.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"2:1.33.12-2.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"4:4.9.4-17.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.12::el8","cpe:/a:redhat:openshift:4.12::el9"],"versions":[{"version":"412.86.202503052321-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.12::el8","cpe:/a:redhat:openshift:4.12::el9"],"versions":[{"version":"3:4.2.0-13.rhaos4.12.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.13::el8","cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"1:1.29.5-1.rhaos4.13.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.13::el8","cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"3:4.4.1-16.rhaos4.13.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.13::el8","cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"413.92.202503112237-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"3:4.4.1-22.rhaos4.14.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"1:1.29.5-1.rhaos4.14.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"414.92.202503100617-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"1:1.29.5-1.rhaos4.14.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"3:4.4.1-33.rhaos4.15.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"1:1.29.5-1.rhaos4.15.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"415.92.202503060749-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"1:1.29.5-1.rhaos4.15.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.16::el8","cpe:/a:redhat:openshift:4.16::el9","cpe:/a:redhat:openshift_ironic:4.16::el9"],"versions":[{"version":"4:4.9.4-13.rhaos4.16.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.16::el8","cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"2:1.33.12-1.rhaos4.16.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"416.94.202502180249-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.16::el8","cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"2:1.33.12-1.rhaos4.16.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/a:redhat:openshift:4.17::el8","cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"5:5.2.2-2.rhaos4.17.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.17::el8","cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"2:1.33.12-1.rhaos4.17.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.17::el8","cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"2:1.33.12-1.rhaos4.17.el8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"417.94.202504080421-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/a:redhat:openshift:4.18::el8","cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"2:1.33.12-1.rhaos4.18.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"418.94.202504021150-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"buildah","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"podman","cpes":["cpe:/o:redhat:enterprise_linux:10"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-22T14:11:18.056703Z","id":"CVE-2024-11218","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:0830","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:0878","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:0922","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:0923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1186","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1187","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1188","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1189","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1207","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1275","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1295","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1296","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1372","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1453","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1707","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1713","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1908","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1910","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1914","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2441","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2443","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2454","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2456","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2701","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2703","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2710","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2712","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:3577","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:3798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2024-11218","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2326231","source":"secalert@redhat.com"},{"url":"https://github.com/containers/buildah/pull/5918","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2025-1244","sourceIdentifier":"secalert@redhat.com","published":"2025-02-12T15:15:18.430","lastModified":"2026-06-29T21:16:32.910","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect."},{"lang":"es","value":"Se encontró una falla en el editor de texto de Emacs. La gestión inadecuada de esquemas de URL \"man\" personalizados permite a los atacantes ejecutar comandos de shell arbitrarios engañando a los usuarios para que visiten un sitio web especialmente manipulado o una URL HTTP con una redirección."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://git.savannah.gnu.org/cgit/emacs.git/","packageName":"emacs","versions":[{"version":"0","lessThan":"29.4.0","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"1:24.3-23.el7_9.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"1:26.1-13.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"1:26.1-13.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"1:26.1-5.el8_2.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"1:26.1-5.el8_4.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"1:26.1-5.el8_4.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"1:26.1-5.el8_4.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"1:26.1-7.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"1:26.1-7.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"1:26.1-7.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream","cpe:/o:redhat:rhel_eus:8.8::baseos"],"versions":[{"version":"1:26.1-10.el8_8.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"1:27.2-11.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"1:27.2-6.el9_0.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"1:27.2-8.el9_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"1:27.2-10.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Builds for Red Hat OpenShift 1.3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-builds/openshift-builds-git-cloner-rhel9","cpes":["cpe:/a:redhat:openshift_builds:1.3::el9"],"versions":[{"version":"1.3.1-1741784043","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"emacs","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-12T14:50:47.050392Z","id":"CVE-2025-1244","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:1915","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1917","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1961","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1962","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1963","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:1964","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2022","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2130","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2157","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2195","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2754","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-1244","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345150","source":"secalert@redhat.com"},{"url":"https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=820f0793f0b46448928905552726c1f1b999062f","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2025/03/01/2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://debbugs.gnu.org/cgi/bugreport.cgi?bug=66390","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-30.1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00033.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-0624","sourceIdentifier":"secalert@redhat.com","published":"2025-02-19T19:15:15.120","lastModified":"2026-06-29T21:16:30.940","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections."},{"lang":"es","value":"Se encontró una falla en grub2. Durante el proceso de arranque de red, al intentar buscar el archivo de configuración, grub copia datos de una variable de entorno controlada por el usuario en un búfer interno mediante la función grub_strcpy(). Durante este paso, no tiene en cuenta la longitud de la variable de entorno al asignar el búfer interno, lo que da como resultado una escritura fuera de los límites. Si se explota correctamente, este problema puede dar como resultado la ejecución de código remoto a través del mismo segmento de red en el que grub está buscando la información de arranque, que se puede utilizar para eludir las protecciones de arranque seguro."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://www.gnu.org/software/grub/","packageName":"grub2","versions":[{"version":"0","lessThanOrEqual":"2.12","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"1:2.02-0.87.el7_9.15","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"1:2.02-162.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"1:2.02-87.el8_2.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"1:2.02-99.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"1:2.02-99.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"1:2.02-99.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"1:2.02-123.el8_6.18","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"1:2.02-123.el8_6.18","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"1:2.02-123.el8_6.18","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_eus:8.8::baseos"],"versions":[{"version":"1:2.02-152.el8_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"1:2.06-94.el9_5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_e4s:9.0::baseos"],"versions":[{"version":"1:2.06-27.el9_0.22","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_eus:9.2::baseos"],"versions":[{"version":"1:2.06-61.el9_2.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:rhel_eus:9.4::baseos"],"versions":[{"version":"1:2.06-86.el9_4.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.12::el8","cpe:/a:redhat:openshift:4.12::el9"],"versions":[{"version":"412.86.202503310142-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.13::el8","cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"413.92.202504070146-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.14::el8","cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"414.92.202505141057-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.15::el8","cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"415.92.202504282058-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"416.94.202503252048-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"417.94.202503241418-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"418.94.202504021150-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"grub2","cpes":["cpe:/o:redhat:enterprise_linux:10"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-09-19T03:55:15.282969Z","id":"CVE-2025-0624","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:2521","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2653","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2655","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2675","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2784","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2799","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2867","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:2869","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:3297","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:3301","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:3367","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:3396","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:3573","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:3577","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:3780","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4422","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7702","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-0624","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346112","source":"secalert@redhat.com"},{"url":"https://security.netapp.com/advisory/ntap-20250516-0006/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-26594","sourceIdentifier":"secalert@redhat.com","published":"2025-02-25T16:15:38.227","lastModified":"2026-06-29T21:16:33.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free."},{"lang":"es","value":"Se encontró una falla de use-after-free en X.Org y Xwayland. El cursor raíz se referencia en el servidor X como una variable global. Si un cliente libera el cursor raíz, la referencia interna apunta a la memoria liberada y provoca un use-after-free."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.freedesktop.org/xorg/xserver/","packageName":"xserver","versions":[{"version":"0","lessThan":"21.1.16","versionType":"semver","status":"affected"},{"version":"22.0.0","lessThan":"24.1.6","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:24.1.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:6"],"versions":[{"version":"0:1.1.0-25.el6_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.8.0-36.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-30.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.13.1-15.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:1.9.0-15.el8_2.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"0:1.12.0-15.el8_8.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.14.1-1.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-28.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:23.2.7-3.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:1.11.0-22.el9_0.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:1.12.0-14.el9_2.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:1.13.1-8.el9_4.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-25T20:13:53.357050Z","id":"CVE-2025-26594","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*","matchCriteriaId":"79A8316C-BA22-441E-92AF-415AFABCEB76"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.16","matchCriteriaId":"07E5F462-A20F-472C-85E7-804D46F01A7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.6","matchCriteriaId":"1CBC57E6-F54D-4B54-9263-9753CCA3EEF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:2500","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2502","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2861","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2862","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2865","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2866","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2873","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2874","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2875","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2879","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2880","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3976","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7163","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7165","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7458","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-26594","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345248","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-26595","sourceIdentifier":"secalert@redhat.com","published":"2025-02-25T16:15:38.390","lastModified":"2026-06-29T21:16:33.440","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size."},{"lang":"es","value":"Se encontró una falla de desbordamiento de búfer en X.Org y Xwayland. El código en XkbVModMaskText() asigna un búfer de tamaño fijo en la pila y copia los nombres de los modificadores virtuales en ese búfer. El código no verifica los límites del búfer y copia los datos independientemente del tamaño."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.freedesktop.org/xorg/xserver/","packageName":"xserver","versions":[{"version":"0","lessThan":"21.1.16","versionType":"semver","status":"affected"},{"version":"22.0.0","lessThan":"24.1.6","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:24.1.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:6"],"versions":[{"version":"0:1.1.0-25.el6_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.8.0-36.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-30.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.13.1-15.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:1.9.0-15.el8_2.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"0:1.12.0-15.el8_8.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.14.1-1.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-28.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:23.2.7-3.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:1.11.0-22.el9_0.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:1.12.0-14.el9_2.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:1.13.1-8.el9_4.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-25T20:05:05.924947Z","id":"CVE-2025-26595","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*","matchCriteriaId":"79A8316C-BA22-441E-92AF-415AFABCEB76"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.16","matchCriteriaId":"07E5F462-A20F-472C-85E7-804D46F01A7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.6","matchCriteriaId":"1CBC57E6-F54D-4B54-9263-9753CCA3EEF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:2500","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2502","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2861","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2862","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2865","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2866","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2873","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2874","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2875","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2879","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2880","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3976","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7163","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7165","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7458","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-26595","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345257","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-26596","sourceIdentifier":"secalert@redhat.com","published":"2025-02-25T16:15:38.603","lastModified":"2026-06-29T21:16:33.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow."},{"lang":"es","value":"Se encontró una falla de desbordamiento de búfer en X.Org y Xwayland. El cálculo de la longitud en XkbSizeKeySyms() difiere de lo que está escrito en XkbWriteKeySyms(), lo que puede provocar un desbordamiento de búfer en el búfer."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.freedesktop.org/xorg/xserver/","packageName":"xserver","versions":[{"version":"0","lessThan":"21.1.16","versionType":"semver","status":"affected"},{"version":"22.0.0","lessThan":"24.1.6","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:24.1.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:6"],"versions":[{"version":"0:1.1.0-25.el6_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.8.0-36.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-30.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.13.1-15.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:1.9.0-15.el8_2.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"0:1.12.0-15.el8_8.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.14.1-1.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-28.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:23.2.7-3.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:1.11.0-22.el9_0.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:1.12.0-14.el9_2.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:1.13.1-8.el9_4.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-25T17:14:01.432188Z","id":"CVE-2025-26596","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*","matchCriteriaId":"79A8316C-BA22-441E-92AF-415AFABCEB76"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.16","matchCriteriaId":"07E5F462-A20F-472C-85E7-804D46F01A7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.6","matchCriteriaId":"1CBC57E6-F54D-4B54-9263-9753CCA3EEF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:2500","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2502","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2861","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2862","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2865","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2866","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2873","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2874","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2875","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2879","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2880","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3976","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7163","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7165","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7458","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-26596","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345256","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-26597","sourceIdentifier":"secalert@redhat.com","published":"2025-02-25T16:15:38.797","lastModified":"2026-06-29T21:16:33.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size."},{"lang":"es","value":"Se encontró una falla de desbordamiento de búfer en X.Org y Xwayland. Si se llama a XkbChangeTypesOfKey() con un grupo 0, cambiará el tamaño de la tabla de símbolos de teclas a 0, pero dejará las acciones de teclas sin cambios. Si luego se llama a la misma función con un valor de grupos distinto de cero, esto provocará un desbordamiento de búfer porque las acciones de teclas tienen un tamaño incorrecto."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.freedesktop.org/xorg/xserver/","packageName":"xserver","versions":[{"version":"0","lessThan":"21.1.16","versionType":"semver","status":"affected"},{"version":"22.0.0","lessThan":"24.1.6","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:24.1.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:6"],"versions":[{"version":"0:1.1.0-25.el6_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.8.0-36.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-30.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.13.1-15.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:1.9.0-15.el8_2.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"0:1.12.0-15.el8_8.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.14.1-1.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-28.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:23.2.7-3.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:1.11.0-22.el9_0.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:1.12.0-14.el9_2.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:1.13.1-8.el9_4.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-25T16:39:35.677718Z","id":"CVE-2025-26597","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*","matchCriteriaId":"79A8316C-BA22-441E-92AF-415AFABCEB76"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.16","matchCriteriaId":"07E5F462-A20F-472C-85E7-804D46F01A7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.6","matchCriteriaId":"1CBC57E6-F54D-4B54-9263-9753CCA3EEF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:2500","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2502","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2861","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2862","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2865","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2866","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2873","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2874","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2875","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2879","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2880","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3976","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7163","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7165","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7458","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-26597","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345255","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"http://www.openwall.com/lists/oss-security/2026/06/02/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-26598","sourceIdentifier":"secalert@redhat.com","published":"2025-02-25T16:15:38.977","lastModified":"2026-06-29T21:16:34.227","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access."},{"lang":"es","value":"Se encontró una falla de escritura fuera de los límites en X.Org y Xwayland. La función GetBarrierDevice() busca el dispositivo puntero en función de su ID de dispositivo y devuelve el valor coincidente, o supuestamente NULL, si no se encuentra ninguna coincidencia. Sin embargo, el código devolverá el último elemento de la lista si no se encuentra ninguna ID de dispositivo coincidente, lo que puede provocar un acceso a la memoria fuera de los límites."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.freedesktop.org/xorg/xserver/","packageName":"xserver","versions":[{"version":"0","lessThan":"21.1.16","versionType":"semver","status":"affected"},{"version":"22.0.0","lessThan":"24.1.6","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:24.1.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:6"],"versions":[{"version":"0:1.1.0-25.el6_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.8.0-36.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-30.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.13.1-15.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:1.9.0-15.el8_2.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"0:1.12.0-15.el8_8.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.14.1-1.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-28.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:23.2.7-3.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:1.11.0-22.el9_0.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:1.12.0-14.el9_2.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:1.13.1-8.el9_4.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-25T16:24:04.385893Z","id":"CVE-2025-26598","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*","matchCriteriaId":"79A8316C-BA22-441E-92AF-415AFABCEB76"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.16","matchCriteriaId":"07E5F462-A20F-472C-85E7-804D46F01A7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.6","matchCriteriaId":"1CBC57E6-F54D-4B54-9263-9753CCA3EEF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:2500","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2502","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2861","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2862","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2865","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2866","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2873","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2874","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2875","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2879","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2880","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3976","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7163","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7165","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7458","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-26598","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345254","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-26599","sourceIdentifier":"secalert@redhat.com","published":"2025-02-25T16:15:39.163","lastModified":"2026-06-29T21:16:34.477","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later."},{"lang":"es","value":"Se encontró un error en el acceso a un puntero no inicializado en X.Org y Xwayland. La función compCheckRedirect() puede fallar si no puede asignar el mapa de píxeles de respaldo. En ese caso, compRedirectWindow() devolverá un error BadAlloc sin validar el árbol de ventanas marcado justo antes, lo que deja los datos validados parcialmente inicializados y el uso de un puntero no inicializado más adelante."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.freedesktop.org/xorg/xserver/","packageName":"xserver","versions":[{"version":"0","lessThan":"21.1.16","versionType":"semver","status":"affected"},{"version":"22.0.0","lessThan":"24.1.6","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:24.1.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:6"],"versions":[{"version":"0:1.1.0-25.el6_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.8.0-36.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-30.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.13.1-15.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:1.9.0-15.el8_2.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"0:1.12.0-15.el8_8.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.14.1-1.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-28.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:23.2.7-3.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:1.11.0-22.el9_0.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:1.12.0-14.el9_2.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:1.13.1-8.el9_4.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-25T16:22:35.562208Z","id":"CVE-2025-26599","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-824"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-824"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*","matchCriteriaId":"79A8316C-BA22-441E-92AF-415AFABCEB76"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.16","matchCriteriaId":"07E5F462-A20F-472C-85E7-804D46F01A7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.6","matchCriteriaId":"1CBC57E6-F54D-4B54-9263-9753CCA3EEF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:2500","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2502","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2861","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2862","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2865","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2866","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2873","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2874","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2875","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2879","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2880","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3976","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7163","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7165","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7458","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-26599","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345253","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-26600","sourceIdentifier":"secalert@redhat.com","published":"2025-02-25T16:15:39.350","lastModified":"2026-06-29T21:16:34.757","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free."},{"lang":"es","value":"Se encontró una falla de use-after-free en X.Org y Xwayland. Cuando se elimina un dispositivo mientras aún está congelado, los eventos en cola para ese dispositivo permanecen mientras se libera el dispositivo. La reproducción de los eventos provocará un use-after-free."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.freedesktop.org/xorg/xserver/","packageName":"xserver","versions":[{"version":"0","lessThan":"21.1.16","versionType":"semver","status":"affected"},{"version":"22.0.0","lessThan":"24.1.6","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:24.1.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:6"],"versions":[{"version":"0:1.1.0-25.el6_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.8.0-36.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-30.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.13.1-15.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:1.9.0-15.el8_2.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"0:1.12.0-15.el8_8.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.14.1-1.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-28.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:23.2.7-3.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:1.11.0-22.el9_0.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:1.12.0-14.el9_2.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:1.13.1-8.el9_4.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-25T16:16:54.221297Z","id":"CVE-2025-26600","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*","matchCriteriaId":"79A8316C-BA22-441E-92AF-415AFABCEB76"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.16","matchCriteriaId":"07E5F462-A20F-472C-85E7-804D46F01A7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.6","matchCriteriaId":"1CBC57E6-F54D-4B54-9263-9753CCA3EEF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:2500","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2502","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2861","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2862","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2865","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2866","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2873","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2874","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2875","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2879","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2880","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3976","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7163","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7165","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7458","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-26600","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345252","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20250516-0005/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-26601","sourceIdentifier":"secalert@redhat.com","published":"2025-02-25T16:15:39.537","lastModified":"2026-06-29T21:16:35.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers."},{"lang":"es","value":"Se encontró una falla de use-after-free en X.Org y Xwayland. Al cambiar una alarma, los valores de la máscara de cambio se evalúan uno tras otro, cambiando los valores de activación según lo solicitado y, finalmente, se llama a SyncInitTrigger(). Si uno de los cambios activa un error, la función regresará antes, sin agregar el nuevo objeto de sincronización, lo que posiblemente cause un use-after-free cuando finalmente se active la alarma."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.freedesktop.org/xorg/xserver/","packageName":"xserver","versions":[{"version":"0","lessThan":"21.1.16","versionType":"semver","status":"affected"},{"version":"22.0.0","lessThan":"24.1.6","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:24.1.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:6"],"versions":[{"version":"0:1.1.0-25.el6_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.8.0-36.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-30.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.13.1-15.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:1.9.0-15.el8_2.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"0:1.11.0-8.el8_4.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:1.12.0-6.el8_6.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream"],"versions":[{"version":"0:1.12.0-15.el8_8.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.14.1-1.el9_5.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-28.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:23.2.7-3.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:1.11.0-22.el9_0.13","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:1.12.0-14.el9_2.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:1.13.1-8.el9_4.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-25T16:08:41.554166Z","id":"CVE-2025-26601","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tigervnc:tigervnc:-:*:*:*:*:*:*:*","matchCriteriaId":"79A8316C-BA22-441E-92AF-415AFABCEB76"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.16","matchCriteriaId":"07E5F462-A20F-472C-85E7-804D46F01A7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.6","matchCriteriaId":"1CBC57E6-F54D-4B54-9263-9753CCA3EEF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:2500","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2502","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2861","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2862","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2865","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2866","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2873","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2874","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2875","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2879","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:2880","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:3976","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7163","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7165","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7458","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-26601","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345251","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/02/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.netapp.com/advisory/ntap-20250516-0004/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-3155","sourceIdentifier":"secalert@redhat.com","published":"2025-04-03T14:15:46.413","lastModified":"2026-06-29T21:16:36.250","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment."},{"lang":"es","value":"Se detectó una falla en Yelp. La aplicación de ayuda al usuario de Gnome permite que el documento de ayuda ejecute scripts arbitrarios. Esta vulnerabilidad permite a usuarios maliciosos introducir documentos de ayuda, lo que puede filtrar archivos del usuario a un entorno externo."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/yelp/","packageName":"yelp","versions":[{"version":"0","lessThan":"42.2-8","versionType":"rpm","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"2:3.28.1-3.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp-xsl","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:3.28.0-2.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"2:3.28.1-3.el8_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"2:3.28.1-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"2:3.28.1-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream"],"versions":[{"version":"2:3.28.1-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"2:3.28.1-3.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"2:3.28.1-3.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"2:3.28.1-3.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream","cpe:/a:redhat:rhel_eus:8.8::crb"],"versions":[{"version":"2:3.28.1-3.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"2:40.3-2.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"2:40.3-2.el9_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream","cpe:/a:redhat:rhel_eus:9.2::crb"],"versions":[{"version":"2:40.3-2.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/a:redhat:rhel_eus:9.4::crb"],"versions":[{"version":"2:40.3-2.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp-xsl","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"yelp-xsl","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-08T12:58:45.628086Z","id":"CVE-2025-3155","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:yelp:42.2-8:*:*:*:*:*:*:*","matchCriteriaId":"F8315E3B-0799-482A-922B-7F67AECA222B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*","matchCriteriaId":"93A089E2-D66E-455C-969A-3140D991BAF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*","matchCriteriaId":"2ABBAA9E-CCBA-480B-ABB5-454448D91262"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:8.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"D206176C-6B2B-4BED-A3A2-AE39A41CB3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"910C9542-26FC-4635-9351-128727971830"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.8_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"547DCB0A-32F0-4BC9-BCA4-EA50064DA5D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"09AAD850-019A-46B8-A5A1-845DE048D30A"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"88F9EB73-1F19-4BD9-AB19-36F9F1A5156E"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.6_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"800018EE-9FCC-4F14-92DB-EB54356F0DE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_eus:8.8:*:*:*:*:*:*:*","matchCriteriaId":"8714D60B-F850-4502-A0A1-0F9F7FCBBA2C"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_eus:9.2:*:*:*:*:*:*:*","matchCriteriaId":"CC66079B-F509-4D3D-82F6-09E9BFC546AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_eus:9.4:*:*:*:*:*:*:*","matchCriteriaId":"122568F4-9EBA-474F-8395-D0EFFEE88691"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"55CF7208-4D36-4C35-92BC-F6EA2C8DEDE1"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"CA3C5EAE-267F-410F-8AFA-8F5B68A9E617"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*","matchCriteriaId":"DA92752D-53D2-48EC-B44F-CAF41C531162"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*","matchCriteriaId":"86034E5B-BCDD-4AFD-A460-38E790F608F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*","matchCriteriaId":"35232613-B8B5-4F4D-A6CD-3823C6666534"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:*","matchCriteriaId":"1050EBC8-F338-4450-8288-62D72E82147A"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"F791F846-7762-40E0-9056-032FD10F2046"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"7B3D7389-35C1-48C4-A9EC-2564842723C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"C9795CF6-CBEB-4FE4-BAAC-D9D514C6B5B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"C2ED1251-245C-4390-8964-DDCAD54A8957"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"03A1BB59-4BE6-4339-ABB7-C18B7D899FB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"404D6B0B-807A-4916-9BF7-D83EB138E22F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*","matchCriteriaId":"3C74F6FA-FA6C-4648-9079-91446E45EE47"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*","matchCriteriaId":"B03506D7-0FCD-47B7-90F6-DDEEB5C5A733"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_eus:9.6:*:*:*:*:*:*:*","matchCriteriaId":"C4CF8D2F-DACA-49C2-A9F4-63496B0A9A80"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*","matchCriteriaId":"3F797F2E-00E6-4D03-A94E-524227529A0A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.8_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"F7F8A347-0ACE-40E4-BF7B-656D66DDB425"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"D85E0DBA-A856-472A-8271-A4F37C35F952"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"01363FFA-F7A6-43FC-8D47-E67F95410095"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:*","matchCriteriaId":"CA15BFFC-B8E8-4EE3-8E14-8C95DF6C99C4"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"32AF225E-94C0-4D07-900C-DD868C05F554"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"FB056B47-1F45-4CE4-81F6-872F66C24C29"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*","matchCriteriaId":"22C65F53-D624-48A9-A9B7-4C78A31E19F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*","matchCriteriaId":"26041661-0280-4544-AA0A-BC28FCED4699"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*","matchCriteriaId":"F843B777-5C64-4CAE-80D6-89DC2C9515B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:*","matchCriteriaId":"778ACA25-ED77-4EFC-A183-DE094C58B268"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"23D471AC-7DCA-4425-AD91-E5D928753A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"F91F9255-4EE1-43C7-8831-D2B6C228BFD9"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"99952557-C766-4B9E-8BF5-DBBA194349FF"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"0516993E-CBD5-44F1-8684-7172C9ABFD0A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","matchCriteriaId":"6897676D-53F9-45B3-B27F-7FF9A4C58D33"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"E28F226A-CBC7-4A32-BE58-398FA5B42481"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","matchCriteriaId":"76C24D94-834A-4E9D-8F73-624AFA99AAA2"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*","matchCriteriaId":"F32CA554-F9D7-425B-8F1C-89678507F28C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*","matchCriteriaId":"39D345D3-108A-4551-A112-5EE51991411A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*","matchCriteriaId":"0FDD919E-B7FE-4EC5-8D6B-EC9A4723D6E2"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","matchCriteriaId":"AC10D919-57FD-4725-B8D2-39ECB476902F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","matchCriteriaId":"1272DF03-7674-4BD4-8E64-94004B195448"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*","matchCriteriaId":"F1CA946D-1665-4874-9D41-C7D963DD1F56"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*","matchCriteriaId":"E881C927-DF96-4D2E-9887-FF12E456B1FB"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*","matchCriteriaId":"FB096D5D-E8F6-4164-8B76-0217B7151D30"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*","matchCriteriaId":"01ED4F33-EBE7-4C04-8312-3DA580EFFB68"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*","matchCriteriaId":"083AAC55-E87B-482A-A1F4-8F2DEB90CB23"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*","matchCriteriaId":"1FD9BF0E-7ACF-4A83-B754-6E3979ED903F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.4:*:*:*:*:*:*:*","matchCriteriaId":"18B7F648-9A31-4EE5-A215-C860616A4AB7"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:4450","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:4451","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:4455","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:4456","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:4457","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:4505","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:4532","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:7430","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:7569","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2025-3155","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2357091","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.gnome.org/GNOME/yelp/-/issues/221","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2025/04/04/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00037.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://gist.github.com/parrot409/e970b155358d45b298d7024edd9b17f2","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-32906","sourceIdentifier":"secalert@redhat.com","published":"2025-04-14T14:15:24.433","lastModified":"2026-06-29T21:16:35.410","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server."},{"lang":"es","value":"Se encontró una falla en libsoup, donde la función soup_headers_parse_request() podría ser vulnerable a una lectura fuera de los límites. Esta falla permite que un usuario malintencionado utilice una solicitud HTTP especialmente manipulada para bloquear el servidor HTTP."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libsoup/","packageName":"libsoup","versions":[{"version":"0","lessThan":"3.6.5","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:3.6.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.62.2-9.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.62.2-6.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-8.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mingw-freetype","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:2.8-3.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:8.10-1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-8.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.62.3-1.el8_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream","cpe:/o:redhat:rhel_eus:8.8::baseos"],"versions":[{"version":"0:2.62.3-3.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.72.0-10.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.72.0-8.el9_0.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:2.72.0-8.el9_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:2.72.0-8.el9_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-14T14:13:49.519508Z","id":"CVE-2025-32906","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:21657","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4439","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4440","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4508","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4538","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4560","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4568","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4609","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4624","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7436","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7505","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:8292","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9179","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-32906","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359341","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/404","source":"secalert@redhat.com"},{"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-32908","sourceIdentifier":"secalert@redhat.com","published":"2025-04-14T14:15:24.717","lastModified":"2026-06-29T21:16:35.660","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS)."},{"lang":"es","value":"Se encontró una falla en libsoup. El servidor HTTP/2 de libsoup podría no validar completamente los valores de los pseudoencabezados :scheme, :authority y :path, lo que podría permitir que un usuario provoque una denegación de servicio (DoS)."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libsoup/","packageName":"libsoup","versions":[{"version":"0","lessThan":"3.6.5","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:3.6.5-3.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-14T14:12:19.790872Z","id":"CVE-2025-32908","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-115"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:7505","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-32908","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359343","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/429","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/451","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2025-32913","sourceIdentifier":"secalert@redhat.com","published":"2025-04-14T14:15:24.860","lastModified":"2026-06-29T21:16:36.017","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function."},{"lang":"es","value":"Se encontró una falla en libsoup donde la función soup_message_headers_get_content_disposition() es vulnerable a una desreferencia de puntero NULL. Esta falla permite que un par HTTP malicioso bloquee un cliente o servidor de libsoup que utilice esta función."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libsoup/","packageName":"libsoup","versions":[{"version":"0","lessThan":"3.6.2","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.62.2-9.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.62.2-6.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-8.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mingw-freetype","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:2.8-3.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:8.10-1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-8.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.62.3-1.el8_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream","cpe:/o:redhat:rhel_eus:8.8::baseos"],"versions":[{"version":"0:2.62.3-3.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.72.0-10.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.72.0-8.el9_0.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:2.72.0-8.el9_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:2.72.0-8.el9_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-14T13:54:02.941942Z","id":"CVE-2025-32913","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:21657","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4439","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4440","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4508","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4538","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4560","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4568","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4609","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4624","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7436","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:8292","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9179","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-32913","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359357","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/435","source":"secalert@redhat.com"},{"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-32911","sourceIdentifier":"secalert@redhat.com","published":"2025-04-15T16:16:06.567","lastModified":"2026-06-29T21:16:35.777","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server."},{"lang":"es","value":"Se encontró una falla en libsoup, vulnerable a un problema de use-after-free que no se encuentra en el montón en la función soup_message_headers_get_content_disposition(). Esta falla permite que un cliente HTTP malicioso cause corrupción de memoria en el servidor libsoup."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libsoup/","packageName":"libsoup","versions":[{"version":"0","lessThan":"3.6.3","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.62.2-9.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.62.2-6.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-8.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mingw-freetype","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:2.8-3.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:8.10-1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-8.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.62.3-1.el8_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_e4s:8.4::appstream","cpe:/a:redhat:rhel_tus:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_e4s:8.4::baseos","cpe:/o:redhat:rhel_tus:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:8.8::appstream","cpe:/o:redhat:rhel_eus:8.8::baseos"],"versions":[{"version":"0:2.62.3-3.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.72.0-10.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.72.0-8.el9_0.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream"],"versions":[{"version":"0:2.72.0-8.el9_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:2.72.0-8.el9_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-15T15:57:21.589990Z","id":"CVE-2025-32911","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-590"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:21657","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4439","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4440","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4508","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4538","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4560","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4568","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4609","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4624","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:7436","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:8292","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9179","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-32911","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359355","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/433","source":"secalert@redhat.com"},{"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00036.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-29446","sourceIdentifier":"cve@mitre.org","published":"2025-04-21T17:15:23.883","lastModified":"2026-06-29T20:16:51.597","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2025-3891","sourceIdentifier":"secalert@redhat.com","published":"2025-04-29T12:15:32.137","lastModified":"2026-06-29T21:16:36.477","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability."},{"lang":"es","value":"Se detectó una falla en el módulo mod_auth_openidc para Apache httpd. Esta falla permite que un atacante remoto no autenticado active una denegación de servicio enviando una solicitud POST vacía cuando la directiva OIDCPreservePost está habilitada. El servidor se bloquea constantemente, lo que afecta la disponibilidad."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://github.com/OpenIDC/mod_auth_openidc","packageName":"mod_auth_openidc","versions":[{"version":"2.0.0","lessThan":"2.4.13.1","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc:2.3","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"8100020250426100353.489197e6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc:2.3","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"8020020250612174445.4cda2c84","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc:2.3","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"],"versions":[{"version":"8040020250618101351.522a0ee4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc:2.3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"8060020250617090503.ad008a3a","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc:2.3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"8060020250617090503.ad008a3a","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc:2.3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"8060020250617090503.ad008a3a","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc:2.3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"8080020250617090716.63b34585","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc:2.3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"8080020250617090716.63b34585","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.4.10-1.el9_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.4.9.4-1.el9_0.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:2.4.9.4-1.el9_2.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:2.4.9.4-4.el9_4.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mod_auth_openidc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T13:28:13.900026Z","id":"CVE-2025-3891","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-248"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*","matchCriteriaId":"D623D8C0-65D2-4269-A1D4-5CB3899F44C8"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*","matchCriteriaId":"053C1B35-3869-41C2-9551-044182DE0A64"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:10002","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10003","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10006","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10007","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10008","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10010","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:4597","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2025:9396","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-3891","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2361633","source":"secalert@redhat.com","tags":["Issue Tracking"]},{"url":"https://github.com/OpenIDC/mod_auth_openidc/commit/6a0b5f66c87184dfe0e4400f6bdd46a82dc0ec2b","source":"secalert@redhat.com"},{"url":"https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-x7cf-8wgv-5j86","source":"secalert@redhat.com"},{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00007.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-49794","sourceIdentifier":"secalert@redhat.com","published":"2025-06-16T16:15:18.997","lastModified":"2026-06-29T21:16:36.740","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path=\"...\"/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors."},{"lang":"es","value":"Se detectó una vulnerabilidad de use-after-free en libxml2. Este problema se produce al analizar elementos XPath en ciertas circunstancias cuando el esquema XML contiene los elementos de esquema . Esta falla permite a un actor malicioso manipular un documento XML malicioso que se utiliza como entrada para libxml, lo que provoca el bloqueo del programa al usar libxml u otros posibles comportamientos indefinidos."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libxml2/","packageName":"libxml2","versions":[{"version":"0","lessThan":"2.15.0","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:2.12.5-7.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.9.1-6.el7_9.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.9.7-9.el8_2.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream","cpe:/o:redhat:rhel_e4s:9.0::baseos"],"versions":[{"version":"0:2.9.13-1.el9_0.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream","cpe:/o:redhat:rhel_e4s:9.2::baseos"],"versions":[{"version":"0:2.9.13-3.el9_2.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/o:redhat:rhel_eus:9.4::baseos"],"versions":[{"version":"0:2.9.13-10.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services 2.4.62.SP2","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.12::el8"],"versions":[{"version":"412.86.202510291903-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"413.92.202510150118-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"414.92.202510211419-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"417.94.202510112152-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"418.94.202510230424-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.19::el9"],"versions":[{"version":"4.19.9.6.202510140714-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.20::el9"],"versions":[{"version":"4.20.9.6.202509251656-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-rhel9-operator","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.12 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.12::el9"],"versions":[{"version":"1.12-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-db-migrator-tool-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-management-console-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-operator-bundle","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-rhel8-operator","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-18","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-builder-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-devmode-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"cert-manager operator for Red Hat OpenShift 1.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"cert-manager/jetstack-cert-manager-rhel9","cpes":["cpe:/a:redhat:cert_manager:1.16::el9"],"versions":[{"version":"v1.16.5-1760515757","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift File Integrity Operator - FIO 1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-file-integrity-rhel8-operator","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1::el9"],"versions":[{"version":"v1.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libxml2-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"2.15.2-0.3.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"insights-proxy/insights-proxy-container-rhel9","cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"],"versions":[{"version":"1.5.5-1754504343","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]},{"source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000RE","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1400","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1500","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1501","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1510","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1511","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1512","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1524","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1536","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM RST2428P","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V4.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-16T15:50:46.041375Z","id":"CVE-2025-49794","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-825"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:10630","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10698","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10699","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:11580","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12098","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12099","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12199","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12237","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12239","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12240","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12241","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13335","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15397","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15827","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15828","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18217","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18218","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18219","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18240","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19020","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19041","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19046","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19894","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21913","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0934","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:7519","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-49794","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372373","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/931","source":"secalert@redhat.com"},{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-253495.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-577017.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}},{"cve":{"id":"CVE-2025-49796","sourceIdentifier":"secalert@redhat.com","published":"2025-06-16T16:15:19.370","lastModified":"2026-06-29T21:16:37.153","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory."},{"lang":"es","value":"Se encontró una vulnerabilidad en libxml2. El procesamiento de ciertos elementos sch:name del archivo XML de entrada puede provocar un problema de corrupción de memoria. Esta falla permite a un atacante manipular un archivo XML de entrada malicioso que puede provocar el bloqueo de libxml, lo que resulta en una denegación de servicio u otro posible comportamiento indefinido debido a la corrupción de datos confidenciales en la memoria."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libxml2/","packageName":"libxml2","versions":[{"version":"0","lessThan":"2.15.0","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:2.12.5-7.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.9.1-6.el7_9.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.9.7-9.el8_2.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-10.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream","cpe:/o:redhat:rhel_e4s:9.0::baseos"],"versions":[{"version":"0:2.9.13-1.el9_0.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream","cpe:/o:redhat:rhel_e4s:9.2::baseos"],"versions":[{"version":"0:2.9.13-3.el9_2.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/o:redhat:rhel_eus:9.4::baseos"],"versions":[{"version":"0:2.9.13-10.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services 2.4.62.SP2","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.12::el8"],"versions":[{"version":"412.86.202510291903-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"413.92.202510150118-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"414.92.202510211419-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"417.94.202510112152-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"418.94.202510230424-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.19::el9"],"versions":[{"version":"4.19.9.6.202510140714-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.20::el9"],"versions":[{"version":"4.20.9.6.202509251656-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-rhel9-operator","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.12 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.12::el9"],"versions":[{"version":"1.12-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-db-migrator-tool-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-management-console-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-operator-bundle","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-rhel8-operator","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-18","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-builder-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-devmode-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"cert-manager operator for Red Hat OpenShift 1.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"cert-manager/jetstack-cert-manager-rhel9","cpes":["cpe:/a:redhat:cert_manager:1.16::el9"],"versions":[{"version":"v1.16.5-1760515757","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift File Integrity Operator - FIO 1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-file-integrity-rhel8-operator","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1::el9"],"versions":[{"version":"v1.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"2.0.1-1754478727","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libxml2-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"2.15.2-0.3.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"insights-proxy/insights-proxy-container-rhel9","cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"],"versions":[{"version":"1.5.5-1754504343","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]},{"source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000RE","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1400","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1500","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1501","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1510","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1511","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1512","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1524","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1536","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM RST2428P","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V4.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-16T15:32:55.790163Z","id":"CVE-2025-49796","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:10630","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10698","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:10699","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:11580","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12098","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12099","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12199","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12237","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12239","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12240","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12241","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13267","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13335","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15397","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15827","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15828","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18217","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18218","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18219","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18240","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19020","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19041","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19046","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19894","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21913","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0934","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:7519","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-49796","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372385","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/933","source":"secalert@redhat.com"},{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-253495.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-577017.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}},{"cve":{"id":"CVE-2025-7424","sourceIdentifier":"secalert@redhat.com","published":"2025-07-10T14:15:27.573","lastModified":"2026-06-29T21:16:37.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior."},{"lang":"es","value":"Se encontró una falla en la librería libxslt. El mismo campo de memoria, psvi, se utiliza tanto para la hoja de estilo como para los datos de entrada, lo que puede provocar confusión de tipos durante las transformaciones XML. Esta vulnerabilidad permite a un atacante bloquear la aplicación o corromper la memoria. En algunos casos, puede provocar una denegación de servicio o un comportamiento inesperado."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"GNOME","product":"libxslt","defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libxslt/","packageName":"libxslt","versions":[{"version":"0","lessThan":"1.1.44","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:2.12.5-8.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxslt","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:1.1.39-8.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libxslt-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"1.1.45-0.1.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxslt","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxslt","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxslt","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxslt","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-07-10T14:19:10.293861Z","id":"CVE-2025-7424","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xmlsoft:libxslt:-:*:*:*:*:*:*:*","matchCriteriaId":"D2D94647-6F9E-40A3-8BDF-980A6D71E6E2"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHBA-2025:12345","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:11015","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-7424","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379228","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/139","source":"secalert@redhat.com"},{"url":"http://seclists.org/fulldisclosure/2025/Aug/0","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/30","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/32","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/33","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/35","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/37","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2025/07/11/2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2025/09/msg00024.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-7425","sourceIdentifier":"secalert@redhat.com","published":"2025-07-10T14:15:27.877","lastModified":"2026-06-29T21:16:37.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption."},{"lang":"es","value":"Se encontró una falla en libxslt donde los atributos type, atype y flags se modifican de forma que corrompe la gestión de memoria interna. Cuando las funciones XSLT, como el proceso key(), generan fragmentos de árbol, esta corrupción impide la limpieza correcta de los atributos ID. Como resultado, el sistema puede acceder a la memoria liberada, provocando fallos o permitiendo a los atacantes provocar la corrupción del montón."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"GNOME","product":"libxml2","defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libxml2/","packageName":"libxml2","versions":[{"version":"0","lessThan":"2.15.2","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:2.12.5-8.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxslt","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:1.1.39-8.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.9.1-6.el7_9.12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.9.7-9.el8_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.9.7-9.el8_4.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.9.7-13.el8_6.11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.9.7-16.el8_8.10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-11.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:2.9.13-11.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream","cpe:/o:redhat:rhel_e4s:9.0::baseos"],"versions":[{"version":"0:2.9.13-1.el9_0.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream","cpe:/o:redhat:rhel_e4s:9.2::baseos"],"versions":[{"version":"0:2.9.13-3.el9_2.8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/o:redhat:rhel_eus:9.4::baseos"],"versions":[{"version":"0:2.9.13-11.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.12::el8"],"versions":[{"version":"412.86.202509030110-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.13::el9"],"versions":[{"version":"413.92.202509030117-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.14::el9"],"versions":[{"version":"414.92.202508270040-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.15::el9"],"versions":[{"version":"415.92.202508192014-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.16::el9"],"versions":[{"version":"416.94.202508261955-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.17::el9"],"versions":[{"version":"417.94.202508141510-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.18::el9"],"versions":[{"version":"418.94.202508261658-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.19::el9"],"versions":[{"version":"4.19.9.6.202508271124-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-rhel9-operator","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.11::el9"],"versions":[{"version":"1.11-8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.12 on RHEL 9","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"web-terminal/web-terminal-tooling-rhel9","cpes":["cpe:/a:redhat:webterminal:1.12::el9"],"versions":[{"version":"1.12-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-data-index-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-db-migrator-tool-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-ephemeral-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-jobs-service-postgresql-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-management-console-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-operator-bundle","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-12","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-rhel8-operator","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-18","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-builder-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"RHOSS-1.36-RHEL-8","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-serverless-1/logic-swf-devmode-rhel8","cpes":["cpe:/a:redhat:openshift_serverless:1.36::el8"],"versions":[{"version":"1.36.0-7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"cert-manager operator for Red Hat OpenShift 1.16","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"cert-manager/jetstack-cert-manager-rhel9","cpes":["cpe:/a:redhat:cert_manager:1.16::el9"],"versions":[{"version":"v1.16.5-1760515757","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift Compliance Operator 1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-compliance-must-gather-rhel8","cpes":["cpe:/a:redhat:openshift_compliance_operator:1::el9"],"versions":[{"version":"1.8.0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift Compliance Operator 1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-compliance-openscap-rhel8","cpes":["cpe:/a:redhat:openshift_compliance_operator:1::el9"],"versions":[{"version":"1.8.0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift Compliance Operator 1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-compliance-rhel8-operator","cpes":["cpe:/a:redhat:openshift_compliance_operator:1::el9"],"versions":[{"version":"1.8.0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift File Integrity Operator - FIO 1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"compliance/openshift-file-integrity-rhel8-operator","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1::el9"],"versions":[{"version":"v1.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"2.0.1-1754478727","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libxml2-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"2.15.3-0.1.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"insights-proxy/insights-proxy-container-rhel9","cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"],"versions":[{"version":"1.5.5-1754504343","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.5.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhosdt/jaeger-agent-rhel8","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"],"versions":[{"version":"rhosdt-3.5-1754559657","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.5.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhosdt/jaeger-all-in-one-rhel8","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"],"versions":[{"version":"rhosdt-3.5-1754559845","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.5.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhosdt/jaeger-collector-rhel8","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"],"versions":[{"version":"rhosdt-3.5-1754559691","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.5.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhosdt/jaeger-es-index-cleaner-rhel8","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"],"versions":[{"version":"rhosdt-3.5-1754559660","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.5.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhosdt/jaeger-es-rollover-rhel8","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"],"versions":[{"version":"rhosdt-3.5-1754559663","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.5.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhosdt/jaeger-ingester-rhel8","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"],"versions":[{"version":"rhosdt-3.5-1754559657","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.5.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhosdt/jaeger-operator-bundle","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"],"versions":[{"version":"rhosdt-3.5-1754569861","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.5.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhosdt/jaeger-query-rhel8","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"],"versions":[{"version":"rhosdt-3.5-1754559846","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.5.1","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhosdt/jaeger-rhel8-operator","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"],"versions":[{"version":"rhosdt-3.5-1754559651","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxslt","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]},{"source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000RE","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1400","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1500","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1501","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1510","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1511","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1512","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1524","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1536","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC CN 4100","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V5.0","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.5","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.5","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.5","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.5","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP","defaultStatus":"unknown","versions":[{"version":"V3.1.5","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.4,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-07-10T15:21:27.766014Z","id":"CVE-2025-7425","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"references":[{"url":"https://access.redhat.com/errata/RHBA-2025:12345","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12447","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:12450","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13267","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13308","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13309","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13310","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13311","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13312","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13313","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13314","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13335","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13464","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:13622","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:14059","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:14396","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:14818","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:14819","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:14853","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:14858","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15308","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15672","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15827","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15828","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:18219","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21885","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21913","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0934","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:11503","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-7425","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379274","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/140","source":"secalert@redhat.com"},{"url":"http://seclists.org/fulldisclosure/2025/Aug/0","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/30","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/32","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/35","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2025/Jul/37","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2025/07/11/2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2025/09/msg00035.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-032379.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-577017.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"},{"url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/140","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2025-20272","sourceIdentifier":"psirt@cisco.com","published":"2025-07-16T17:15:28.613","lastModified":"2026-06-29T17:13:30.407","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, low-privileged, remote attacker to conduct a blind SQL injection attack.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected API. A successful exploit could allow the attacker to view data in some database tables on an affected device."},{"lang":"es","value":"Una vulnerabilidad en un subconjunto de las API REST de Cisco Prime Infrastructure y Cisco Evolved Programmable Network Manager (EPNM) podría permitir que un atacante remoto autenticado y con pocos privilegios realice un ataque de inyección SQL a ciegas. Esta vulnerabilidad se debe a una validación insuficiente de la entrada proporcionada por el usuario. Un atacante podría explotar esta vulnerabilidad enviando una solicitud manipulada a una API afectada. Una explotación exitosa podría permitir al atacante ver datos en algunas tablas de bases de datos en un dispositivo afectado."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Evolved Programmable Network Manager (EPNM)","defaultStatus":"unknown","versions":[{"version":"3.0.1","status":"affected"},{"version":"3.1.2","status":"affected"},{"version":"1.2","status":"affected"},{"version":"3.1.1","status":"affected"},{"version":"3.1.3","status":"affected"},{"version":"3.1","status":"affected"},{"version":"3.0.3","status":"affected"},{"version":"3.0.2","status":"affected"},{"version":"3.0","status":"affected"},{"version":"2.2","status":"affected"},{"version":"1.1","status":"affected"},{"version":"2.1","status":"affected"},{"version":"2.0","status":"affected"},{"version":"4.1","status":"affected"},{"version":"4.1.1","status":"affected"},{"version":"4.0.3","status":"affected"},{"version":"4.0.1","status":"affected"},{"version":"4.0.2","status":"affected"},{"version":"4.0","status":"affected"},{"version":"5.0","status":"affected"},{"version":"5.0.1","status":"affected"},{"version":"5.1.1","status":"affected"},{"version":"5.1","status":"affected"},{"version":"5.0.2","status":"affected"},{"version":"5.1.2","status":"affected"},{"version":"5.1.3","status":"affected"},{"version":"5.1.4","status":"affected"},{"version":"6.1.1","status":"affected"},{"version":"6.1","status":"affected"},{"version":"6.0.0","status":"affected"},{"version":"6.0.1","status":"affected"},{"version":"6.0.2","status":"affected"},{"version":"7.0.0","status":"affected"},{"version":"1.2.5","status":"affected"},{"version":"1.2.6","status":"affected"},{"version":"2.0.1","status":"affected"},{"version":"1.2.2","status":"affected"},{"version":"1.2.3","status":"affected"},{"version":"1.2.4","status":"affected"},{"version":"1.2.7","status":"affected"},{"version":"1.2.1.2","status":"affected"},{"version":"2.2.1","status":"affected"},{"version":"2.1.3","status":"affected"},{"version":"2.0.2","status":"affected"},{"version":"2.0.3","status":"affected"},{"version":"2.1.2","status":"affected"},{"version":"2.0.4","status":"affected"},{"version":"2.1.1","status":"affected"},{"version":"5.0.2.5","status":"affected"},{"version":"5.1.4.3","status":"affected"},{"version":"6.0.2.1","status":"affected"},{"version":"6.1.1.1","status":"affected"},{"version":"5.0.2.1","status":"affected"},{"version":"5.0.2.2","status":"affected"},{"version":"5.0.2.3","status":"affected"},{"version":"5.0.2.4","status":"affected"},{"version":"5.1.4.1","status":"affected"},{"version":"5.1.4.2","status":"affected"},{"version":"2.1.4","status":"affected"},{"version":"2.2.4","status":"affected"},{"version":"2.2.3","status":"affected"},{"version":"2.2.5","status":"affected"},{"version":"5.1.3.2","status":"affected"},{"version":"5.1.3.1","status":"affected"},{"version":"6.0.1.1","status":"affected"},{"version":"4.1.1.2","status":"affected"},{"version":"4.1.1.1","status":"affected"},{"version":"4.0.3.1","status":"affected"},{"version":"2.0.1.1","status":"affected"},{"version":"2.1.1.3","status":"affected"},{"version":"2.1.1.1","status":"affected"},{"version":"2.1.1.4","status":"affected"},{"version":"2.0.4.2","status":"affected"},{"version":"2.0.4.1","status":"affected"},{"version":"2.1.2.2","status":"affected"},{"version":"2.1.2.3","status":"affected"},{"version":"2.0.2.1","status":"affected"},{"version":"2.1.3.4","status":"affected"},{"version":"2.1.3.3","status":"affected"},{"version":"2.1.3.2","status":"affected"},{"version":"2.1.3.5","status":"affected"},{"version":"2.2.1.2","status":"affected"},{"version":"2.2.1.1","status":"affected"},{"version":"2.2.1.4","status":"affected"},{"version":"2.2.1.3","status":"affected"},{"version":"1.2.4.2","status":"affected"},{"version":"1.2.2.4","status":"affected"},{"version":"6.0.3","status":"affected"},{"version":"5.1.4.4","status":"affected"},{"version":"5.0.2.6","status":"affected"},{"version":"6.0.3.1","status":"affected"},{"version":"6.1.2","status":"affected"},{"version":"6.1.1.2.2","status":"affected"},{"version":"6.1.2.1","status":"affected"},{"version":"6.1.2.2","status":"affected"},{"version":"7.1.1","status":"affected"},{"version":"7.1.2.1","status":"affected"},{"version":"7.0.1.3","status":"affected"},{"version":"7.1.3","status":"affected"},{"version":"7.1.2","status":"affected"},{"version":"7.0.1.2","status":"affected"},{"version":"7.0.1.1","status":"affected"},{"version":"7.0.1","status":"affected"},{"version":"7.1.0","status":"affected"},{"version":"8.0.0","status":"affected"},{"version":"6.1.2.3","status":"affected"},{"version":"8.0.0.1","status":"affected"},{"version":"7.1.3.1","status":"affected"},{"version":"7.1.4","status":"affected"},{"version":"8.1.0","status":"affected"}]},{"vendor":"Cisco","product":"Cisco Prime Infrastructure","defaultStatus":"unknown","versions":[{"version":"3.0.0","status":"affected"},{"version":"3.1.0","status":"affected"},{"version":"3.1.5","status":"affected"},{"version":"2.1","status":"affected"},{"version":"2.0.0","status":"affected"},{"version":"3.6.0","status":"affected"},{"version":"3.7.0","status":"affected"},{"version":"3.4.0","status":"affected"},{"version":"3.3.0","status":"affected"},{"version":"3.2","status":"affected"},{"version":"3.5.0","status":"affected"},{"version":"3.2.0-FIPS","status":"affected"},{"version":"2.2","status":"affected"},{"version":"3.8.0-FED","status":"affected"},{"version":"3.9.0","status":"affected"},{"version":"3.8.0","status":"affected"},{"version":"3.10.0","status":"affected"},{"version":"3.1.1","status":"affected"},{"version":"2.1.2","status":"affected"},{"version":"2.2.1","status":"affected"},{"version":"2.2.0","status":"affected"},{"version":"3.0.2","status":"affected"},{"version":"3.0.3","status":"affected"},{"version":"3.0.1","status":"affected"},{"version":"2.2.2","status":"affected"},{"version":"2.2.3","status":"affected"},{"version":"2.1.0","status":"affected"},{"version":"2.1.1","status":"affected"},{"version":"3.9.1","status":"affected"},{"version":"2.0.10","status":"affected"},{"version":"3.8.1","status":"affected"},{"version":"3.7.1","status":"affected"},{"version":"3.5.1","status":"affected"},{"version":"3.4.2","status":"affected"},{"version":"3.3.1","status":"affected"},{"version":"3.1.7","status":"affected"},{"version":"3.2.1","status":"affected"},{"version":"3.2.2","status":"affected"},{"version":"3.1.6","status":"affected"},{"version":"3.1.2","status":"affected"},{"version":"3.4.1","status":"affected"},{"version":"3.1.3","status":"affected"},{"version":"3.1.4","status":"affected"},{"version":"3.0.6","status":"affected"},{"version":"2.2.10","status":"affected"},{"version":"3.0.4","status":"affected"},{"version":"3.0.5","status":"affected"},{"version":"2.1.56","status":"affected"},{"version":"2.2.4","status":"affected"},{"version":"2.2.9","status":"affected"},{"version":"2.2.8","status":"affected"},{"version":"2.2.5","status":"affected"},{"version":"2.2.7","status":"affected"},{"version":"2.0.39","status":"affected"},{"version":"3.8_DP1","status":"affected"},{"version":"3.9_DP1","status":"affected"},{"version":"3.7_DP2","status":"affected"},{"version":"3.6_DP1","status":"affected"},{"version":"3.5_DP4","status":"affected"},{"version":"3.5_DP2","status":"affected"},{"version":"3.4_DP10","status":"affected"},{"version":"3.7_DP1","status":"affected"},{"version":"3.5_DP3","status":"affected"},{"version":"3.4_DP11","status":"affected"},{"version":"3.5_DP1","status":"affected"},{"version":"3.4_DP8","status":"affected"},{"version":"3.4_DP1","status":"affected"},{"version":"3.4_DP3","status":"affected"},{"version":"3.4_DP5","status":"affected"},{"version":"3.4_DP2","status":"affected"},{"version":"3.4_DP7","status":"affected"},{"version":"3.4_DP6","status":"affected"},{"version":"3.3_DP4","status":"affected"},{"version":"3.4_DP4","status":"affected"},{"version":"3.4_DP9","status":"affected"},{"version":"3.1_DP16","status":"affected"},{"version":"3.3_DP2","status":"affected"},{"version":"3.3_DP3","status":"affected"},{"version":"3.1_DP15","status":"affected"},{"version":"3.3_DP1","status":"affected"},{"version":"3.1_DP13","status":"affected"},{"version":"3.2_DP2","status":"affected"},{"version":"3.2_DP1","status":"affected"},{"version":"3.2_DP3","status":"affected"},{"version":"3.1_DP14","status":"affected"},{"version":"3.2_DP4","status":"affected"},{"version":"3.1_DP7","status":"affected"},{"version":"3.1_DP10","status":"affected"},{"version":"3.1_DP11","status":"affected"},{"version":"3.1_DP4","status":"affected"},{"version":"3.1_DP6","status":"affected"},{"version":"3.1_DP12","status":"affected"},{"version":"3.1_DP5","status":"affected"},{"version":"3.0.7","status":"affected"},{"version":"3.1_DP9","status":"affected"},{"version":"3.1_DP8","status":"affected"},{"version":"3.10_DP1","status":"affected"},{"version":"3.10.2","status":"affected"},{"version":"3.10.3","status":"affected"},{"version":"3.10","status":"affected"},{"version":"3.10.1","status":"affected"},{"version":"3.7.1 Update 03","status":"affected"},{"version":"3.7.1 Update 04","status":"affected"},{"version":"3.7.1 Update 06","status":"affected"},{"version":"3.7.1 Update 07","status":"affected"},{"version":"3.8.1 Update 01","status":"affected"},{"version":"3.8.1 Update 02","status":"affected"},{"version":"3.8.1 Update 03","status":"affected"},{"version":"3.8.1 Update 04","status":"affected"},{"version":"3.9.1 Update 01","status":"affected"},{"version":"3.9.1 Update 02","status":"affected"},{"version":"3.9.1 Update 03","status":"affected"},{"version":"3.9.1 Update 04","status":"affected"},{"version":"3.10 Update 01","status":"affected"},{"version":"3.4.2 Update 01","status":"affected"},{"version":"3.6.0 Update 04","status":"affected"},{"version":"3.6.0 Update 02","status":"affected"},{"version":"3.6.0 Update 03","status":"affected"},{"version":"3.6.0 Update 01","status":"affected"},{"version":"3.5.1 Update 03","status":"affected"},{"version":"3.5.1 Update 01","status":"affected"},{"version":"3.5.1 Update 02","status":"affected"},{"version":"3.7.0 Update 03","status":"affected"},{"version":"2.2.3 Update 05","status":"affected"},{"version":"2.2.3 Update 04","status":"affected"},{"version":"2.2.3 Update 06","status":"affected"},{"version":"2.2.3 Update 03","status":"affected"},{"version":"2.2.3 Update 02","status":"affected"},{"version":"2.2.1 Update 01","status":"affected"},{"version":"2.2.2 Update 03","status":"affected"},{"version":"2.2.2 Update 04","status":"affected"},{"version":"3.8.0 Update 01","status":"affected"},{"version":"3.8.0 Update 02","status":"affected"},{"version":"3.7.1 Update 01","status":"affected"},{"version":"3.7.1 Update 02","status":"affected"},{"version":"3.7.1 Update 05","status":"affected"},{"version":"3.9.0 Update 01","status":"affected"},{"version":"3.3.0 Update 01","status":"affected"},{"version":"3.4.1 Update 02","status":"affected"},{"version":"3.4.1 Update 01","status":"affected"},{"version":"3.5.0 Update 03","status":"affected"},{"version":"3.5.0 Update 01","status":"affected"},{"version":"3.5.0 Update 02","status":"affected"},{"version":"3.10.4","status":"affected"},{"version":"3.10.4 Update 01","status":"affected"},{"version":"3.10.4 Update 02","status":"affected"},{"version":"3.10.4 Update 03","status":"affected"},{"version":"3.10.5","status":"affected"},{"version":"3.10.6","status":"affected"},{"version":"3.10.6 Update 01","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-07-18T14:30:45.473947Z","id":"CVE-2025-20272","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:*:-:*:*:*:*:*:*","versionEndExcluding":"3.10.6","matchCriteriaId":"EF7C2643-1964-467F-BCF5-48264CF3C1ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:3.10.6:-:*:*:*:*:*:*","matchCriteriaId":"94273457-DA21-40F8-B8E8-A6DA0F5A8300"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:3.10.6:security_update_01:*:*:*:*:*:*","matchCriteriaId":"3A33A68B-7264-44F1-AF87-992FBA582FA6"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"8.0.1","matchCriteriaId":"0EBCF576-3111-4EB1-9962-3DFEF44C7F90"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:evolved_programmable_network_manager:8.1.0:*:*:*:*:*:*:*","matchCriteriaId":"30C9B83D-54D0-4C11-BD6F-542DF7CBE6C1"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-piepnm-bsi-25JJqsbb","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-32256","sourceIdentifier":"secalert@redhat.com","published":"2025-08-01T18:15:27.910","lastModified":"2026-06-29T21:16:29.390","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue."},{"lang":"es","value":"Se detectó una falla en el componente ksmbd del kernel de Linux. Una condición de ejecución entre la operación de cierre de smb2 y el cierre de sesión en conexiones multicanal podría provocar un problema de use-after-free."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/","packageName":"linux","versions":[{"version":"0","lessThan":"5.15.145","versionType":"semvar","status":"affected"},{"version":"6.0.0","lessThan":"6.0.*","versionType":"semvar","status":"affected"},{"version":"6.1.0","lessThan":"6.1.29","versionType":"semvar","status":"affected"},{"version":"6.2.0","lessThan":"6.2.16","versionType":"semvar","status":"affected"},{"version":"6.3.0","lessThan":"6.3.2","versionType":"semvar","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel-rt","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel-rt","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel-rt","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-08-01T19:19:19.939025Z","id":"CVE-2023-32256","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-421"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2023-32256","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2385885","source":"secalert@redhat.com"},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=abcc506a9a71976a8b4c9bf3ee6efd13229c1e19","source":"secalert@redhat.com"},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-704/","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2025-8067","sourceIdentifier":"secalert@redhat.com","published":"2025-08-28T15:16:03.600","lastModified":"2026-06-29T21:16:38.433","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"storaged-project","product":"udisks","defaultStatus":"unaffected","collectionURL":"https://github.com/storaged-project/udisks","packageName":"udisks2","versions":[{"version":"0","lessThan":"2.10.2","versionType":"semver","status":"affected"},{"version":"2.10.3","lessThan":"2.10.91","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:2.10.90-5.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.8.4-1.el7_9.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:2.9.0-16.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:2.8.3-2.el8_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:2.9.0-6.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:2.9.0-6.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.9.0-9.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.9.0-9.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.9.0-9.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:2.9.0-13.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:2.9.0-13.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:2.9.4-11.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.9.4-3.el9_0.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:2.9.4-7.el9_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks2","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/a:redhat:rhel_eus:9.4::crb"],"versions":[{"version":"0:2.9.4-10.el9_4.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"udisks","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.3}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-08-28T16:20:49.738181Z","id":"CVE-2025-8067","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:15017","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15018","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15020","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:15956","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:16021","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:16090","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:16106","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:16121","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:16122","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:16125","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:16130","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-8067","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388623","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2025/08/28/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2025/08/msg00023.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-9900","sourceIdentifier":"secalert@redhat.com","published":"2025-09-23T17:15:38.357","lastModified":"2026-06-29T21:16:42.667","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://libtiff.gitlab.io/libtiff/","packageName":"libtiff","versions":[{"version":"0","lessThan":"4.7.1","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:4.6.0-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/o:redhat:enterprise_linux:10.1"],"versions":[{"version":"0:4.6.0-6.el10_1.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:3.9.4-12.el7_9.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:4.0.3-35.el7_9.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:3.9.4-14.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:4.0.9-35.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"mingw-libtiff","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:4.0.9-3.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:3.9.4-13.el8_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:4.0.9-17.el8_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:8.10-3.el8_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:3.9.4-13.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:4.0.9-18.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:8.10-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:3.9.4-13.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:4.0.9-18.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:8.10-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:3.9.4-13.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:4.0.9-21.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:8.10-3.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:3.9.4-13.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:4.0.9-21.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:8.10-3.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:3.9.4-13.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:4.0.9-21.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:8.10-3.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:3.9.4-13.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:4.0.9-29.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:8.10-3.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"compat-libtiff3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:3.9.4-13.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:4.0.9-29.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:8.10-3.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:4.4.0-13.el9_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:4.4.0-15.el9_7.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:4.2.0-3.el9_0.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:4.4.0-8.el9_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/a:redhat:rhel_eus:9.4::crb"],"versions":[{"version":"0:4.4.0-12.el9_4.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"3.2.2-1765379088","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-rocm-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"3.2.2-1765379049","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/model-opt-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"3.2.2-1764871796","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1772160593","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-rocm-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1772160625","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-ui-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"2.4.0-1763656152","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libtiff-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"4.7.1-2.1.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtiff","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-09-23T00:00:00+00:00","id":"CVE-2025-9900","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-123"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:17651","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:17675","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:17710","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:17738","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:17739","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:17740","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19113","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19156","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19276","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19906","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19947","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:20956","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:20998","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21060","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21061","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21062","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21407","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21506","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21507","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21508","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21994","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23078","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23079","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23080","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0001","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0076","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0077","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0078","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:3461","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:3462","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:7504","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-9900","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392784","source":"secalert@redhat.com"},{"url":"https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file","source":"secalert@redhat.com"},{"url":"https://gitlab.com/libtiff/libtiff/-/issues/704","source":"secalert@redhat.com"},{"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/732","source":"secalert@redhat.com"},{"url":"https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2025/09/26/3","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2025/09/msg00031.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2025-11021","sourceIdentifier":"secalert@redhat.com","published":"2025-09-26T09:15:31.370","lastModified":"2026-06-29T21:16:31.343","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libsoup/","packageName":"libsoup","versions":[{"version":"0","lessThanOrEqual":"3.6.5","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:3.6.5-3.el10_0.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","cpes":["cpe:/o:redhat:enterprise_linux:10.1"],"versions":[{"version":"0:3.6.5-3.el10_1.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.62.2-9.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.62.3-1.el8_2.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos"],"versions":[{"version":"0:2.62.3-3.el8_8.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.72.0-10.el9_6.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.72.0-12.el9_7.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.72.0-8.el9_0.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:2.72.0-8.el9_2.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:2.72.0-8.el9_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-09-26T15:34:18.202277Z","id":"CVE-2025-11021","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:18183","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19713","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19714","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:20959","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21032","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21655","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21656","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21657","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21664","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21665","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21666","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:21772","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22013","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-11021","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2399627","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/459","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2025-10230","sourceIdentifier":"secalert@redhat.com","published":"2025-11-07T20:15:35.630","lastModified":"2026-06-29T21:16:31.200","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller’s wins hook, allowing an unauthenticated network attacker to achieve remote command execution as the Samba process."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://www.samba.org/","packageName":"samba","versions":[{"version":"0","lessThan":"4.21.9","versionType":"semver","status":"affected"},{"version":"4.22.0","lessThan":"4.21.5","versionType":"semver","status":"affected"},{"version":"4.23.0","lessThan":"4.23.2","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba4","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"samba","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-11-08T04:55:22.583378Z","id":"CVE-2025-10230","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2025-10230","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2394377","source":"secalert@redhat.com"},{"url":"https://www.samba.org/samba/history/security.html","source":"secalert@redhat.com"},{"url":"https://www.vicarius.io/vsociety/posts/cve-2025-10230-detect-samba-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.vicarius.io/vsociety/posts/cve-2025-10230-mitigate-samba-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-30398","sourceIdentifier":"secure@microsoft.com","published":"2025-11-11T18:15:35.107","lastModified":"2026-06-29T15:27:36.100","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.1","versions":[{"version":"4.0.1","lessThan":"7.0.111.66","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.2","versions":[{"version":"4.0.2","lessThan":"7.0.154.16","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.3","versions":[{"version":"4.0.3","lessThan":"7.0.197.8","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.4","versions":[{"version":"4.0.4","lessThan":"7.0.212.9","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.5","versions":[{"version":"4.0.5","lessThan":"7.0.243.17","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.6","versions":[{"version":"4.0.6","lessThan":"7.0.277.26","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.7","versions":[{"version":"4.0.7","lessThan":"7.0.316.9","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.8","versions":[{"version":"4.0.8","lessThan":"7.0.427.13","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.9","versions":[{"version":"4.0.9","lessThan":"7.0.528.18","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.1","versions":[{"version":"2019.1","lessThan":"2019.1.96.5","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.10","versions":[{"version":"2019.10","lessThan":"2019.10.36.4","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.2","versions":[{"version":"2019.2","lessThan":"2019.2.9.8","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.3","versions":[{"version":"2019.3","lessThan":"2019.3.16.20","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.4","versions":[{"version":"2019.4","lessThan":"2019.4.9.16","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.5","versions":[{"version":"2019.5","lessThan":"2019.5.14.39","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.6","versions":[{"version":"2019.6","lessThan":"2019.6.36.39","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.7","versions":[{"version":"2019.7","lessThan":"2019.7.107.21","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.8","versions":[{"version":"2019.8","lessThan":"2019.8.43.15","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.9","versions":[{"version":"2019.9","lessThan":"2019.9.31.19","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"PowerScribe One version 2023.1 SP2 Patch 7","versions":[{"version":"2023.1","lessThan":"2023.2.3027.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-11-12T14:40:54.242798Z","id":"CVE-2025-30398","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.1:*:*:*:*:*:*:*","matchCriteriaId":"A11285B4-4EC6-4BF1-8A1B-47FF97C4FDB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"338738D0-96CD-408B-B782-1C5BA01B3753"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.3:*:*:*:*:*:*:*","matchCriteriaId":"8B5C5313-39F8-4C4C-A789-E64F2AD7D150"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.4:*:*:*:*:*:*:*","matchCriteriaId":"A5E14BBD-F77C-4946-A4C9-143E47299977"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.5:*:*:*:*:*:*:*","matchCriteriaId":"7CF04E38-FD09-4B6B-B5CF-F0F49982CF1C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.6:*:*:*:*:*:*:*","matchCriteriaId":"463A6A94-C936-44B4-B4B6-6C88A93F1D37"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.7:*:*:*:*:*:*:*","matchCriteriaId":"98EC89A0-23EE-4638-A2C3-4C4D917DA9EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.8:*:*:*:*:*:*:*","matchCriteriaId":"67F8EF7B-FE3C-42FE-A00B-40E7CFCDA961"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.9:*:*:*:*:*:*:*","matchCriteriaId":"F5B27622-02CA-4374-91B8-52BED59F92EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.1:*:*:*:*:*:*:*","matchCriteriaId":"62329468-E85C-4A3C-A0BF-8BA11941DED5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.2:*:*:*:*:*:*:*","matchCriteriaId":"3EDC600D-8637-4BAB-AC7D-A9D95B03DAB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.3:*:*:*:*:*:*:*","matchCriteriaId":"47AC5A9D-8016-4BDB-9D8F-098CFD93855A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.4:*:*:*:*:*:*:*","matchCriteriaId":"9B6B794A-C467-411D-9468-A7ADDA7D6157"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.5:*:*:*:*:*:*:*","matchCriteriaId":"870B35F1-75F2-4EBB-A4C5-F6C3118BBC25"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.6:*:*:*:*:*:*:*","matchCriteriaId":"548FC39C-8C08-4285-A5FC-0785738C4471"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.7:*:*:*:*:*:*:*","matchCriteriaId":"4F44CAAE-A020-4F81-BF96-48F9D6559A7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.8:*:*:*:*:*:*:*","matchCriteriaId":"EA71CDB3-269C-4EE8-9F46-FD7CC1284B9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.9:*:*:*:*:*:*:*","matchCriteriaId":"F374C80B-0336-4687-879B-1745234B9E37"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.10:*:*:*:*:*:*:*","matchCriteriaId":"682143B4-04BA-4C11-AAE8-E687B6BE4688"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2023.1:sp2_patch_7:*:*:*:*:*:*","matchCriteriaId":"AA5407C0-0336-4055-BD18-EA68C7C40218"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30398","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-13609","sourceIdentifier":"secalert@redhat.com","published":"2025-11-24T18:15:49.830","lastModified":"2026-06-29T21:16:32.227","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Keylime Project","product":"keylime","defaultStatus":"unaffected","collectionURL":"https://github.com/keylime/keylime","packageName":"keylime","versions":[{"version":"0","lessThan":"7.14.0","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"keylime","cpes":["cpe:/o:redhat:enterprise_linux:10.1"],"versions":[{"version":"0:7.12.1-11.el10_1.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"keylime","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:7.12.1-2.el10_0.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"keylime","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:7.12.1-11.el9_7.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"keylime","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:6.5.2-6.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"keylime","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:7.3.0-13.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"keylime","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"],"versions":[{"version":"0:7.3.0-15.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":5.3}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-11-24T19:00:14.018523Z","id":"CVE-2025-13609","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-694"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:23201","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23210","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23628","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23735","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23852","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0429","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-13609","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2416761","source":"secalert@redhat.com"},{"url":"https://github.com/keylime/keylime/issues/1820","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2025-13502","sourceIdentifier":"secalert@redhat.com","published":"2025-11-25T08:15:51.917","lastModified":"2026-06-29T21:16:31.987","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"The WebKitGTK Team","product":"webkitgtk","defaultStatus":"unaffected","collectionURL":"https://github.com/WebKit/WebKit","packageName":"webkitgtk","versions":[{"version":"0","lessThan":"2.50.2","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkitgtk4","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.50.3-2.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:2.50.3-1.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:2.50.3-2.el8_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:2.50.3-2.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:2.50.3-2.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.50.3-2.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.50.3-2.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.50.3-2.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:2.50.3-2.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:2.50.3-2.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.50.3-1.el9_7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.50.3-1.el9_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:2.50.3-1.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:2.50.3-1.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"],"versions":[{"version":"0:2.50.3-1.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkitgtk","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkitgtk3","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-11-25T14:40:21.609732Z","id":"CVE-2025-13502","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:22789","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22790","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23110","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23433","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23434","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23451","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23452","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23583","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23591","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23742","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23743","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-13502","source":"secalert@redhat.com"},{"url":"https://bugs.webkit.org/show_bug.cgi?id=302218","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2416300","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2025-13947","sourceIdentifier":"secalert@redhat.com","published":"2025-12-03T10:15:47.710","lastModified":"2026-06-29T21:16:32.370","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"The WebKitGTK Team","product":"webkitgtk","defaultStatus":"unaffected","collectionURL":"https://github.com/WebKit/WebKit","packageName":"webkitgtk","versions":[{"version":"0","lessThan":"2.50.3","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkitgtk4","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.50.3-2.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:2.50.3-1.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:2.50.3-2.el8_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:2.50.3-2.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:2.50.3-2.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.50.3-2.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.50.3-2.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.50.3-2.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:2.50.3-2.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:2.50.3-2.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.50.3-1.el9_7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.50.3-1.el9_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:2.50.3-1.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:2.50.3-1.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"],"versions":[{"version":"0:2.50.3-1.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkitgtk","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkitgtk3","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-03T14:12:21.517767Z","id":"CVE-2025-13947","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:22789","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22790","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23110","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23433","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23434","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23451","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23452","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23583","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23591","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23742","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23743","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-13947","source":"secalert@redhat.com"},{"url":"https://bugs.webkit.org/show_bug.cgi?id=271957","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418576","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2025-66287","sourceIdentifier":"secalert@redhat.com","published":"2025-12-04T17:15:56.647","lastModified":"2026-06-29T21:16:37.550","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"The WebKitGTK Team","product":"WebKitGTK","defaultStatus":"unaffected","collectionURL":"https://github.com/WebKit/WebKit","packageName":"webkitgtk","versions":[{"version":"0","lessThan":"2.50.3","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkitgtk4","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.50.3-2.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:2.50.3-1.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:2.50.3-2.el8_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:2.50.3-2.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:2.50.3-2.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.50.3-2.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.50.3-2.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:2.50.3-2.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:2.50.3-2.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:2.50.3-2.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.50.3-1.el9_7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.50.3-1.el9_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:2.50.3-1.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:2.50.3-1.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkit2gtk3","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"],"versions":[{"version":"0:2.50.3-1.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkitgtk","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"webkitgtk3","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-04T20:55:04.444384Z","id":"CVE-2025-66287","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:22789","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:22790","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23110","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23433","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23434","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23451","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23452","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23583","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23591","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23742","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:23743","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-66287","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418857","source":"secalert@redhat.com"},{"url":"https://webkitgtk.org/security/WSA-2025-0009.html","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2025-61821","sourceIdentifier":"psirt@adobe.com","published":"2025-12-10T00:16:10.163","lastModified":"2026-06-29T14:20:10.123","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and data on the server. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue does not require user interaction and scope is changed."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"ColdFusion","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"2021.22","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-10T15:47:30.459420Z","id":"CVE-2025-61821","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*","matchCriteriaId":"7A94B406-C011-4673-8C2B-0DD94D46CC4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:*","matchCriteriaId":"AFD05E3A-10F9-4C75-9710-BA46B66FF6E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update10:*:*:*:*:*:*","matchCriteriaId":"F1FC7D1D-6DD2-48B2-980F-B001B0F24473"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update11:*:*:*:*:*:*","matchCriteriaId":"1FA19E1D-61C2-4640-AF06-4BCFE750BDF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update12:*:*:*:*:*:*","matchCriteriaId":"3F331DEA-F3D0-4B13-AB1E-6FE39B2BB55D"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update13:*:*:*:*:*:*","matchCriteriaId":"63D5CF84-4B0D-48AE-95D6-262AEA2FFDE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update14:*:*:*:*:*:*","matchCriteriaId":"10616A3A-0C1C-474A-BD7D-A2A5BB870F74"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update15:*:*:*:*:*:*","matchCriteriaId":"D7DA523E-1D9B-45FD-94D9-D4F9F2B9296B"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update16:*:*:*:*:*:*","matchCriteriaId":"151AFF8B-F05C-4D27-85FC-DF88E9C11BEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update17:*:*:*:*:*:*","matchCriteriaId":"53A0E245-2915-4DFF-AFB5-A12F5C435702"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update18:*:*:*:*:*:*","matchCriteriaId":"C5653D18-7534-48A3-819F-9F049A418F99"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update19:*:*:*:*:*:*","matchCriteriaId":"BABC6468-A780-4080-A930-4125D1B39C51"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:*","matchCriteriaId":"D57C8681-AC68-47DF-A61E-B5C4B4A47663"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update20:*:*:*:*:*:*","matchCriteriaId":"F58633C9-E957-46B7-8F5B-B060A8726E33"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update21:*:*:*:*:*:*","matchCriteriaId":"3CF83653-86BB-461A-87F8-65D99EF2276E"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update22:*:*:*:*:*:*","matchCriteriaId":"C2C67E15-22DE-44C0-8CB1-9AF8FCF09FA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:*","matchCriteriaId":"75608383-B727-48D6-8FFA-D552A338A562"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:*","matchCriteriaId":"7773DB68-414A-4BA9-960F-52471A784379"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:*","matchCriteriaId":"B38B9E86-BCD5-4BCA-8FB7-EC55905184E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:*","matchCriteriaId":"5E7BAB80-8455-4570-A2A2-8F40469EE9CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update7:*:*:*:*:*:*","matchCriteriaId":"F9D645A2-E02D-4E82-A2BD-0A7DE5B8FBCC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update8:*:*:*:*:*:*","matchCriteriaId":"6E22D701-B038-4795-AA32-A18BC93C2B6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update9:*:*:*:*:*:*","matchCriteriaId":"CAC4A0EC-C3FC-47D8-86CE-0E6A87A7F0B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*","matchCriteriaId":"B02A37FE-5D31-4892-A3E6-156A8FE62D28"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*","matchCriteriaId":"0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update10:*:*:*:*:*:*","matchCriteriaId":"645D1B5F-2DAB-4AB8-A465-AC37FF494F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update11:*:*:*:*:*:*","matchCriteriaId":"ED6D8996-0770-4C9F-BEA5-87EA479D40A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update12:*:*:*:*:*:*","matchCriteriaId":"4836086E-3D4A-4A07-A372-382D385CB490"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update13:*:*:*:*:*:*","matchCriteriaId":"CBC19168-4184-4B59-B9C8-E98844124EED"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update14:*:*:*:*:*:*","matchCriteriaId":"A60DCD92-9A5B-411C-9554-642C91D77FAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update15:*:*:*:*:*:*","matchCriteriaId":"58CC65EF-60A3-4DFA-AA51-E5013F116CEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update16:*:*:*:*:*:*","matchCriteriaId":"2E3EBFB1-4488-4924-A2E2-B7E422D68345"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*","matchCriteriaId":"EB88D4FE-5496-4639-BAF2-9F29F24ABF29"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*","matchCriteriaId":"43E0ED98-2C1F-40B8-AF60-FEB1D85619C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*","matchCriteriaId":"76204873-C6E0-4202-8A03-0773270F1802"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*","matchCriteriaId":"C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:*","matchCriteriaId":"E3A83642-BF14-4C37-BD94-FA76AABE8ADC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update7:*:*:*:*:*:*","matchCriteriaId":"A892E1DC-F2C8-4F53-8580-A2D1BEED5A25"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update8:*:*:*:*:*:*","matchCriteriaId":"DB97ADBA-C1A9-4EE0-9509-68CB12358AE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update9:*:*:*:*:*:*","matchCriteriaId":"E17C38F0-9B0F-4433-9CBD-6E3D63EA9BDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:-:*:*:*:*:*:*","matchCriteriaId":"30779417-D4E5-4A01-BE0E-1CE1D134292A"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update1:*:*:*:*:*:*","matchCriteriaId":"80D7FC6A-F264-4CB1-A18D-B091EBA47882"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update2:*:*:*:*:*:*","matchCriteriaId":"E3DA0D20-93BA-4C76-A400-159853CD7277"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update3:*:*:*:*:*:*","matchCriteriaId":"5BAB6F21-61F1-43AB-88BA-553CD9AD6C0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update4:*:*:*:*:*:*","matchCriteriaId":"C85288B9-5D63-49EA-828A-8DB3BB2367F6"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/coldfusion/apsb25-105.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-64898","sourceIdentifier":"psirt@adobe.com","published":"2025-12-10T00:16:10.937","lastModified":"2026-06-29T14:20:13.120","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could result in limited unauthorized write access. An attacker could leverage this vulnerability to gain unauthorized access by exploiting improperly stored or transmitted credentials. Exploitation of this issue does not require user interaction."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"ColdFusion","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"2021.22","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-10T04:57:42.358021Z","id":"CVE-2025-64898","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*","matchCriteriaId":"7A94B406-C011-4673-8C2B-0DD94D46CC4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:*","matchCriteriaId":"AFD05E3A-10F9-4C75-9710-BA46B66FF6E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update10:*:*:*:*:*:*","matchCriteriaId":"F1FC7D1D-6DD2-48B2-980F-B001B0F24473"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update11:*:*:*:*:*:*","matchCriteriaId":"1FA19E1D-61C2-4640-AF06-4BCFE750BDF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update12:*:*:*:*:*:*","matchCriteriaId":"3F331DEA-F3D0-4B13-AB1E-6FE39B2BB55D"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update13:*:*:*:*:*:*","matchCriteriaId":"63D5CF84-4B0D-48AE-95D6-262AEA2FFDE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update14:*:*:*:*:*:*","matchCriteriaId":"10616A3A-0C1C-474A-BD7D-A2A5BB870F74"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update15:*:*:*:*:*:*","matchCriteriaId":"D7DA523E-1D9B-45FD-94D9-D4F9F2B9296B"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update16:*:*:*:*:*:*","matchCriteriaId":"151AFF8B-F05C-4D27-85FC-DF88E9C11BEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update17:*:*:*:*:*:*","matchCriteriaId":"53A0E245-2915-4DFF-AFB5-A12F5C435702"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update18:*:*:*:*:*:*","matchCriteriaId":"C5653D18-7534-48A3-819F-9F049A418F99"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update19:*:*:*:*:*:*","matchCriteriaId":"BABC6468-A780-4080-A930-4125D1B39C51"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:*","matchCriteriaId":"D57C8681-AC68-47DF-A61E-B5C4B4A47663"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update20:*:*:*:*:*:*","matchCriteriaId":"F58633C9-E957-46B7-8F5B-B060A8726E33"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update21:*:*:*:*:*:*","matchCriteriaId":"3CF83653-86BB-461A-87F8-65D99EF2276E"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update22:*:*:*:*:*:*","matchCriteriaId":"C2C67E15-22DE-44C0-8CB1-9AF8FCF09FA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:*","matchCriteriaId":"75608383-B727-48D6-8FFA-D552A338A562"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:*","matchCriteriaId":"7773DB68-414A-4BA9-960F-52471A784379"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:*","matchCriteriaId":"B38B9E86-BCD5-4BCA-8FB7-EC55905184E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:*","matchCriteriaId":"5E7BAB80-8455-4570-A2A2-8F40469EE9CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update7:*:*:*:*:*:*","matchCriteriaId":"F9D645A2-E02D-4E82-A2BD-0A7DE5B8FBCC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update8:*:*:*:*:*:*","matchCriteriaId":"6E22D701-B038-4795-AA32-A18BC93C2B6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2021:update9:*:*:*:*:*:*","matchCriteriaId":"CAC4A0EC-C3FC-47D8-86CE-0E6A87A7F0B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*","matchCriteriaId":"B02A37FE-5D31-4892-A3E6-156A8FE62D28"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*","matchCriteriaId":"0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update10:*:*:*:*:*:*","matchCriteriaId":"645D1B5F-2DAB-4AB8-A465-AC37FF494F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update11:*:*:*:*:*:*","matchCriteriaId":"ED6D8996-0770-4C9F-BEA5-87EA479D40A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update12:*:*:*:*:*:*","matchCriteriaId":"4836086E-3D4A-4A07-A372-382D385CB490"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update13:*:*:*:*:*:*","matchCriteriaId":"CBC19168-4184-4B59-B9C8-E98844124EED"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update14:*:*:*:*:*:*","matchCriteriaId":"A60DCD92-9A5B-411C-9554-642C91D77FAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update15:*:*:*:*:*:*","matchCriteriaId":"58CC65EF-60A3-4DFA-AA51-E5013F116CEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update16:*:*:*:*:*:*","matchCriteriaId":"2E3EBFB1-4488-4924-A2E2-B7E422D68345"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*","matchCriteriaId":"EB88D4FE-5496-4639-BAF2-9F29F24ABF29"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*","matchCriteriaId":"43E0ED98-2C1F-40B8-AF60-FEB1D85619C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*","matchCriteriaId":"76204873-C6E0-4202-8A03-0773270F1802"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*","matchCriteriaId":"C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:*","matchCriteriaId":"E3A83642-BF14-4C37-BD94-FA76AABE8ADC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update7:*:*:*:*:*:*","matchCriteriaId":"A892E1DC-F2C8-4F53-8580-A2D1BEED5A25"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update8:*:*:*:*:*:*","matchCriteriaId":"DB97ADBA-C1A9-4EE0-9509-68CB12358AE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update9:*:*:*:*:*:*","matchCriteriaId":"E17C38F0-9B0F-4433-9CBD-6E3D63EA9BDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:-:*:*:*:*:*:*","matchCriteriaId":"30779417-D4E5-4A01-BE0E-1CE1D134292A"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update1:*:*:*:*:*:*","matchCriteriaId":"80D7FC6A-F264-4CB1-A18D-B091EBA47882"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update2:*:*:*:*:*:*","matchCriteriaId":"E3DA0D20-93BA-4C76-A400-159853CD7277"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update3:*:*:*:*:*:*","matchCriteriaId":"5BAB6F21-61F1-43AB-88BA-553CD9AD6C0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update4:*:*:*:*:*:*","matchCriteriaId":"C85288B9-5D63-49EA-828A-8DB3BB2367F6"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/coldfusion/apsb25-105.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-14523","sourceIdentifier":"secalert@redhat.com","published":"2025-12-11T13:15:58.983","lastModified":"2026-06-29T21:16:32.583","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host headers."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","cpes":["cpe:/o:redhat:enterprise_linux:10.1"],"versions":[{"version":"0:3.6.5-3.el10_1.8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:3.6.5-3.el10_0.11","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:2.62.2-10.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-11.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:8.10-6.el8_10.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.62.3-11.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream","cpe:/o:redhat:rhel_aus:8.2::baseos"],"versions":[{"version":"0:2.62.3-1.el8_2.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.2 Advanced Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"],"versions":[{"version":"0:8.10-6.el8_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:8.10-6.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:2.62.3-2.el8_4.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:8.10-6.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:8.10-6.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:8.10-6.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_e4s:8.6::baseos","cpe:/o:redhat:rhel_tus:8.6::baseos"],"versions":[{"version":"0:2.62.3-2.el8_6.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_e4s:8.6::appstream","cpe:/a:redhat:rhel_tus:8.6::appstream"],"versions":[{"version":"0:8.10-6.el8_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.62.3-3.el8_8.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:8.10-6.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:2.62.3-3.el8_8.7","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"spice-client-win","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:8.10-6.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:2.72.0-12.el9_7.3","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"versions":[{"version":"0:2.72.0-8.el9_0.8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:2.72.0-8.el9_2.8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"versions":[{"version":"0:2.72.0-8.el9_4.8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"],"versions":[{"version":"0:2.72.0-10.el9_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-11T14:49:20.324130Z","id":"CVE-2025-14523","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-444"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:0421","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0422","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0423","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0836","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0867","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0868","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0905","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0906","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0907","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0908","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0909","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0911","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:0925","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:1509","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:1569","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:1570","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:1571","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:1572","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-14523","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2421349","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/issues/472","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2025-63391","sourceIdentifier":"cve@mitre.org","published":"2025-12-18T16:15:54.983","lastModified":"2026-06-29T20:17:20.113","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2025-2515","sourceIdentifier":"secalert@redhat.com","published":"2025-12-24T17:15:47.293","lastModified":"2026-06-29T21:16:35.287","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized service execution, and potential system compromise."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Eclipse Foundation","product":"BlueChi","defaultStatus":"unaffected","collectionURL":"https://github.com/eclipse-bluechi/bluechi","packageName":"bluechi","versions":[{"version":"0","lessThan":"1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.5,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-24T16:48:09.209864Z","id":"CVE-2025-2515","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2025-2515","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2353313","source":"secalert@redhat.com"},{"url":"https://github.com/eclipse-bluechi/bluechi/commit/fe0d28301ce2bd45f0b1d8a98a94efef799fbc73#diff-64140c83db42a8888f346a40de293b80f79ebf7d75ce4137b22567e360bce607","source":"secalert@redhat.com"},{"url":"https://github.com/eclipse-bluechi/bluechi/issues/1069","source":"secalert@redhat.com"},{"url":"https://github.com/eclipse-bluechi/bluechi/pull/1073","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2021-47814","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-01-16T00:16:26.830","lastModified":"2026-06-29T18:28:27.517","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a 256-character buffer into the registration key field to trigger an application crash and potential system instability."},{"lang":"es","value":"NBMonitor 1.6.8 contiene una vulnerabilidad de denegación de servicio que permite a los atacantes bloquear la aplicación desbordando el campo de entrada del código de registro. Los atacantes pueden pegar un búfer de 256 caracteres en el campo de clave de registro para desencadenar un bloqueo de la aplicación y una posible inestabilidad del sistema."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsauditor","product":"NBMonitor","versions":[{"version":"1.6.8","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-01-16T15:47:41.279326Z","id":"CVE-2021-47814","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:nbmonitor:1.6.8:*:*:*:*:*:*:*","matchCriteriaId":"6EC834C7-6AEC-4A15-A9A0-87B55D263E86"}]}]}],"references":[{"url":"http://www.nsauditor.com","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/49964","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.vulncheck.com/advisories/nbmonitor-denial-of-service-poc","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-22778","sourceIdentifier":"security-advisories@github.com","published":"2026-02-02T23:16:06.700","lastModified":"2026-06-29T14:16:48.593","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"vLLM is an inference and serving engine for large language models (LLMs). From 0.8.3 to before 0.14.1, when an invalid image is sent to vLLM's multimodal endpoint, PIL throws an error. vLLM returns this error to the client, leaking a heap address. With this leak, we reduce ASLR from 4 billion guesses to ~8 guesses. This vulnerability can be chained a heap overflow with JPEG2000 decoder in OpenCV/FFmpeg to achieve remote code execution. This vulnerability is fixed in 0.14.1."},{"lang":"es","value":"vLLM es un motor de inferencia y servicio para modelos de lenguaje grandes (LLM). Desde la versión 0.8.3 hasta antes de la 0.14.1, cuando se envía una imagen inválida al endpoint multimodal de vLLM, PIL lanza un error. vLLM devuelve este error al cliente, filtrando una dirección de montículo. Con esta fuga, reducimos ASLR de 4 mil millones de intentos a ~8 intentos. Esta vulnerabilidad puede encadenarse a un desbordamiento de montículo con el decodificador JPEG2000 en OpenCV/FFmpeg para lograr ejecución remota de código. Esta vulnerabilidad está corregida en la versión 0.14.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"vllm-project","product":"vllm","versions":[{"version":">= 0.8.3, < 0.14.1","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.3::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI 2.25","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai:2.25::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI 3.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai:3.3::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-03T15:40:34.684022Z","id":"CVE-2026-22778","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-209"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*:*","versionStartIncluding":"0.8.3","versionEndExcluding":"0.14.1","matchCriteriaId":"6EBA2094-B756-41D7-A899-8C028DF95FF4"}]}]}],"references":[{"url":"https://github.com/vllm-project/vllm/pull/31987","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/vllm-project/vllm/pull/32319","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/vllm-project/vllm/releases/tag/v0.14.1","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/vllm-project/vllm/security/advisories/GHSA-4r2x-xpjr-7cvv","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:19712","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30087","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30088","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30089","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3461","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3462","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3713","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3782","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-22778","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436113","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-22778.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-20111","sourceIdentifier":"psirt@cisco.com","published":"2026-02-04T17:16:14.273","lastModified":"2026-06-29T17:13:51.210","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de gestión basada en web de Cisco Prime Infrastructure podría permitir a un atacante remoto autenticado realizar un ataque de cross-site scripting (XSS) almacenado contra los usuarios de la interfaz de un sistema afectado.\n\nEsta vulnerabilidad existe porque la interfaz de gestión basada en web no valida correctamente la entrada proporcionada por el usuario. Un atacante podría explotar esta vulnerabilidad insertando código malicioso en campos de datos específicos en la interfaz. Un exploit exitoso podría permitir al atacante ejecutar código de script arbitrario en el contexto de la interfaz afectada o acceder a información sensible basada en el navegador. Para explotar esta vulnerabilidad, un atacante debe tener credenciales administrativas válidas."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Prime Infrastructure","defaultStatus":"unknown","versions":[{"version":"3.0.0","status":"affected"},{"version":"3.1.0","status":"affected"},{"version":"3.1.5","status":"affected"},{"version":"2.1","status":"affected"},{"version":"2.0.0","status":"affected"},{"version":"3.6.0","status":"affected"},{"version":"3.7.0","status":"affected"},{"version":"3.4.0","status":"affected"},{"version":"3.3.0","status":"affected"},{"version":"3.2","status":"affected"},{"version":"3.5.0","status":"affected"},{"version":"3.2.0-FIPS","status":"affected"},{"version":"2.2","status":"affected"},{"version":"3.8.0-FED","status":"affected"},{"version":"3.9.0","status":"affected"},{"version":"3.8.0","status":"affected"},{"version":"3.10.0","status":"affected"},{"version":"3.1.1","status":"affected"},{"version":"2.1.2","status":"affected"},{"version":"2.2.1","status":"affected"},{"version":"2.2.0","status":"affected"},{"version":"3.0.2","status":"affected"},{"version":"3.0.3","status":"affected"},{"version":"3.0.1","status":"affected"},{"version":"2.2.2","status":"affected"},{"version":"2.2.3","status":"affected"},{"version":"2.1.0","status":"affected"},{"version":"2.1.1","status":"affected"},{"version":"3.9.1","status":"affected"},{"version":"2.0.10","status":"affected"},{"version":"3.8.1","status":"affected"},{"version":"3.7.1","status":"affected"},{"version":"3.5.1","status":"affected"},{"version":"3.4.2","status":"affected"},{"version":"3.3.1","status":"affected"},{"version":"3.1.7","status":"affected"},{"version":"3.2.1","status":"affected"},{"version":"3.2.2","status":"affected"},{"version":"3.1.6","status":"affected"},{"version":"3.1.2","status":"affected"},{"version":"3.4.1","status":"affected"},{"version":"3.1.3","status":"affected"},{"version":"3.1.4","status":"affected"},{"version":"3.0.6","status":"affected"},{"version":"2.2.10","status":"affected"},{"version":"3.0.4","status":"affected"},{"version":"3.0.5","status":"affected"},{"version":"2.1.56","status":"affected"},{"version":"2.2.4","status":"affected"},{"version":"2.2.9","status":"affected"},{"version":"2.2.8","status":"affected"},{"version":"2.2.5","status":"affected"},{"version":"2.2.7","status":"affected"},{"version":"2.0.39","status":"affected"},{"version":"3.8_DP1","status":"affected"},{"version":"3.9_DP1","status":"affected"},{"version":"3.7_DP2","status":"affected"},{"version":"3.6_DP1","status":"affected"},{"version":"3.5_DP4","status":"affected"},{"version":"3.5_DP2","status":"affected"},{"version":"3.4_DP10","status":"affected"},{"version":"3.7_DP1","status":"affected"},{"version":"3.5_DP3","status":"affected"},{"version":"3.4_DP11","status":"affected"},{"version":"3.5_DP1","status":"affected"},{"version":"3.4_DP8","status":"affected"},{"version":"3.4_DP1","status":"affected"},{"version":"3.4_DP3","status":"affected"},{"version":"3.4_DP5","status":"affected"},{"version":"3.4_DP2","status":"affected"},{"version":"3.4_DP7","status":"affected"},{"version":"3.4_DP6","status":"affected"},{"version":"3.3_DP4","status":"affected"},{"version":"3.4_DP4","status":"affected"},{"version":"3.4_DP9","status":"affected"},{"version":"3.1_DP16","status":"affected"},{"version":"3.3_DP2","status":"affected"},{"version":"3.3_DP3","status":"affected"},{"version":"3.1_DP15","status":"affected"},{"version":"3.3_DP1","status":"affected"},{"version":"3.1_DP13","status":"affected"},{"version":"3.2_DP2","status":"affected"},{"version":"3.2_DP1","status":"affected"},{"version":"3.2_DP3","status":"affected"},{"version":"3.1_DP14","status":"affected"},{"version":"3.2_DP4","status":"affected"},{"version":"3.1_DP7","status":"affected"},{"version":"3.1_DP10","status":"affected"},{"version":"3.1_DP11","status":"affected"},{"version":"3.1_DP4","status":"affected"},{"version":"3.1_DP6","status":"affected"},{"version":"3.1_DP12","status":"affected"},{"version":"3.1_DP5","status":"affected"},{"version":"3.0.7","status":"affected"},{"version":"3.1_DP9","status":"affected"},{"version":"3.1_DP8","status":"affected"},{"version":"3.10_DP1","status":"affected"},{"version":"3.10.2","status":"affected"},{"version":"3.10.3","status":"affected"},{"version":"3.10","status":"affected"},{"version":"3.10.1","status":"affected"},{"version":"3.7.1 Update 03","status":"affected"},{"version":"3.7.1 Update 04","status":"affected"},{"version":"3.7.1 Update 06","status":"affected"},{"version":"3.7.1 Update 07","status":"affected"},{"version":"3.8.1 Update 01","status":"affected"},{"version":"3.8.1 Update 02","status":"affected"},{"version":"3.8.1 Update 03","status":"affected"},{"version":"3.8.1 Update 04","status":"affected"},{"version":"3.9.1 Update 01","status":"affected"},{"version":"3.9.1 Update 02","status":"affected"},{"version":"3.9.1 Update 03","status":"affected"},{"version":"3.9.1 Update 04","status":"affected"},{"version":"3.10 Update 01","status":"affected"},{"version":"3.4.2 Update 01","status":"affected"},{"version":"3.6.0 Update 04","status":"affected"},{"version":"3.6.0 Update 02","status":"affected"},{"version":"3.6.0 Update 03","status":"affected"},{"version":"3.6.0 Update 01","status":"affected"},{"version":"3.5.1 Update 03","status":"affected"},{"version":"3.5.1 Update 01","status":"affected"},{"version":"3.5.1 Update 02","status":"affected"},{"version":"3.7.0 Update 03","status":"affected"},{"version":"2.2.3 Update 05","status":"affected"},{"version":"2.2.3 Update 04","status":"affected"},{"version":"2.2.3 Update 06","status":"affected"},{"version":"2.2.3 Update 03","status":"affected"},{"version":"2.2.3 Update 02","status":"affected"},{"version":"2.2.1 Update 01","status":"affected"},{"version":"2.2.2 Update 03","status":"affected"},{"version":"2.2.2 Update 04","status":"affected"},{"version":"3.8.0 Update 01","status":"affected"},{"version":"3.8.0 Update 02","status":"affected"},{"version":"3.7.1 Update 01","status":"affected"},{"version":"3.7.1 Update 02","status":"affected"},{"version":"3.7.1 Update 05","status":"affected"},{"version":"3.9.0 Update 01","status":"affected"},{"version":"3.3.0 Update 01","status":"affected"},{"version":"3.4.1 Update 02","status":"affected"},{"version":"3.4.1 Update 01","status":"affected"},{"version":"3.5.0 Update 03","status":"affected"},{"version":"3.5.0 Update 01","status":"affected"},{"version":"3.5.0 Update 02","status":"affected"},{"version":"3.10.4","status":"affected"},{"version":"3.10.4 Update 01","status":"affected"},{"version":"3.10.4 Update 02","status":"affected"},{"version":"3.10.4 Update 03","status":"affected"},{"version":"3.10.5","status":"affected"},{"version":"3.10.6","status":"affected"},{"version":"3.10.6 Update 01","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-04T16:41:28.347358Z","id":"CVE-2026-20111","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*","versionEndExcluding":"3.10.6","matchCriteriaId":"C6DE6377-FFFC-439B-95D0-5EC54C215018"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:3.10.6:-:*:*:*:*:*:*","matchCriteriaId":"94273457-DA21-40F8-B8E8-A6DA0F5A8300"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:3.10.6:security_update_01:*:*:*:*:*:*","matchCriteriaId":"3A33A68B-7264-44F1-AF87-992FBA582FA6"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-xss-bYeVKCD","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20123","sourceIdentifier":"psirt@cisco.com","published":"2026-02-04T17:16:14.627","lastModified":"2026-06-29T17:13:22.217","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\nThis vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de gestión basada en web de Cisco Evolved Programmable Network Manager (EPNM) y Cisco Prime Infrastructure podría permitir a un atacante remoto no autenticado redirigir a un usuario a una página web maliciosa.\n\nEsta vulnerabilidad se debe a una validación de entrada incorrecta de los parámetros en la solicitud HTTP. Un atacante podría explotar esta vulnerabilidad interceptando y modificando una solicitud HTTP de un usuario. Un exploit exitoso podría permitir al atacante redirigir al usuario a una página web maliciosa."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Evolved Programmable Network Manager (EPNM)","defaultStatus":"unknown","versions":[{"version":"7.1.1","status":"affected"},{"version":"7.1.2.1","status":"affected"},{"version":"7.1.3","status":"affected"},{"version":"7.1.2","status":"affected"},{"version":"7.1.0","status":"affected"},{"version":"8.0.0","status":"affected"},{"version":"8.0.0.1","status":"affected"},{"version":"7.1.3.1","status":"affected"},{"version":"7.1.4","status":"affected"},{"version":"8.1.0","status":"affected"},{"version":"8.0.1","status":"affected"},{"version":"7.1.4.1","status":"affected"},{"version":"8.0.1.1","status":"affected"}]},{"vendor":"Cisco","product":"Cisco Prime Infrastructure","defaultStatus":"unknown","versions":[{"version":"3.10.0","status":"affected"},{"version":"3.10.2","status":"affected"},{"version":"3.10.3","status":"affected"},{"version":"3.10","status":"affected"},{"version":"3.10.1","status":"affected"},{"version":"3.10 Update 01","status":"affected"},{"version":"3.10.4","status":"affected"},{"version":"3.10.4 Update 01","status":"affected"},{"version":"3.10.4 Update 02","status":"affected"},{"version":"3.10.4 Update 03","status":"affected"},{"version":"3.10.5","status":"affected"},{"version":"3.10.6","status":"affected"},{"version":"3.10.6 Update 01","status":"affected"},{"version":"3.10.6 Security Update 03","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-04T16:40:37.285394Z","id":"CVE-2026-20123","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"8.1.1","matchCriteriaId":"317FDB7B-04C7-4754-AC47-05012E5898FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:*:-:*:*:*:*:*:*","versionEndExcluding":"3.10.6","matchCriteriaId":"EF7C2643-1964-467F-BCF5-48264CF3C1ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:3.10.6:-:*:*:*:*:*:*","matchCriteriaId":"94273457-DA21-40F8-B8E8-A6DA0F5A8300"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:3.10.6:security_update_01:*:*:*:*:*:*","matchCriteriaId":"3A33A68B-7264-44F1-AF87-992FBA582FA6"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-redirect-6sX82dN","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-37131","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-05T17:16:08.207","lastModified":"2026-06-29T18:29:31.553","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Nsauditor Product Key Explorer 4.2.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting a specially crafted registration key. Attackers can generate a payload of 1000 bytes of repeated characters and paste it into the 'Key' input field to trigger the application crash."},{"lang":"es","value":"Nsauditor Product Key Explorer 4.2.2.0 contiene una vulnerabilidad de denegación de servicio que permite a atacantes locales colgar la aplicación al introducir una clave de registro especialmente diseñada. Los atacantes pueden generar una carga útil de 1000 bytes de caracteres repetidos y pegarla en el campo de entrada 'Key' para desencadenar el bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsauditor","product":"Product Key Explorer","versions":[{"version":"4.2.2.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-05T18:43:36.472226Z","id":"CVE-2020-37131","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:product_key_explorer:4.2.2.0:*:*:*:*:*:*:*","matchCriteriaId":"F3AC73D8-71B6-4F59-B5AC-E3E0C959E76C"}]}]}],"references":[{"url":"http://www.nsauditor.com","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/48284","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/product-key-explorer-key-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37196","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:14.127","lastModified":"2026-06-29T18:29:43.417","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by providing an oversized registration key. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash."},{"lang":"es","value":"El software Dnss Domain Name Search contiene una vulnerabilidad de denegación de servicio que permite a los atacantes bloquear la aplicación al proporcionar una clave de registro sobredimensionada. Los atacantes pueden generar una carga útil de búfer de 1000 caracteres y pegarla en el campo de la clave de registro para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor Dnss Domain Name Search Software","versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:56:38.856405Z","id":"CVE-2020-37196","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:domain_name_search_software:-:*:*:*:*:*:*:*","matchCriteriaId":"9C0E895E-9E13-49F4-AC00-915E756ADB96"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47856","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/dnss-domain-name-search-software-key-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37197","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:14.297","lastModified":"2026-06-29T18:30:11.547","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dnss Domain Name Search Software contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash."},{"lang":"es","value":"El Software de búsqueda de nombres de dominio Dnss contiene una vulnerabilidad de denegación de servicio que permite a los atacantes bloquear la aplicación desbordando el campo de entrada 'Name'. Los atacantes pueden generar una carga útil de búfer de 1000 caracteres y pegarla en el campo de nombre de registro para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor Dnss Domain Name Search Software","versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:27:44.223824Z","id":"CVE-2020-37197","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:domain_name_search_software:-:*:*:*:*:*:*:*","matchCriteriaId":"9C0E895E-9E13-49F4-AC00-915E756ADB96"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47861","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/dnss-domain-name-search-software-name-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37199","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:14.623","lastModified":"2026-06-29T18:29:45.990","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NBMonitor 1.6.6.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash."},{"lang":"es","value":"NBMonitor 1.6.6.0 contiene una vulnerabilidad de denegación de servicio en su entrada de clave de registro que permite a los atacantes bloquear la aplicación. Los atacantes pueden generar una carga útil de búfer de 1000 caracteres y pegarla en el campo 'Key' para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor NBMonitor","versions":[{"version":"1.6.6.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:30:14.445638Z","id":"CVE-2020-37199","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:nbmonitor:*:*:*:*:*:*:*:*","versionEndIncluding":"1.6.6.0","matchCriteriaId":"AABCE4C7-EEF0-43FA-AABA-62DB3CB1603A"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47866","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/nbmonitor-key-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37200","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:14.790","lastModified":"2026-06-29T18:30:16.903","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration key input that allows attackers to crash the application by supplying oversized input. Attackers can generate a 1000-character payload and paste it into the registration key field to trigger an application crash."},{"lang":"es","value":"NetShareWatcher 1.5.8.0 contiene una vulnerabilidad de desbordamiento de búfer en la entrada de la clave de registro que permite a los atacantes bloquear la aplicación al proporcionar una entrada de tamaño excesivo. Los atacantes pueden generar una carga útil de 1000 caracteres y pegarla en el campo de la clave de registro para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor NetShareWatcher","versions":[{"version":"1.5.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:30:58.648119Z","id":"CVE-2020-37200","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:netsharewatcher:1.5.8.0:*:*:*:*:*:*:*","matchCriteriaId":"8A6539CD-5A3F-4C08-88EC-84D4B68387E8"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47860","source":"disclosure@vulncheck.com","tags":["Exploit"]},{"url":"https://www.vulncheck.com/advisories/netsharewatcher-key-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37201","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:14.963","lastModified":"2026-06-29T18:30:23.967","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NetShareWatcher 1.5.8.0 contains a buffer overflow vulnerability in the registration name input that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash."},{"lang":"es","value":"NetShareWatcher 1.5.8.0 contiene una vulnerabilidad de desbordamiento de búfer en la entrada del nombre de registro que permite a los atacantes bloquear la aplicación. Los atacantes pueden generar una carga útil de 1000 caracteres y pegarla en el campo 'Name' para provocar un fallo en la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor NetShareWatcher","versions":[{"version":"1.5.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:33:44.701369Z","id":"CVE-2020-37201","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:netsharewatcher:1.5.8.0:*:*:*:*:*:*:*","matchCriteriaId":"8A6539CD-5A3F-4C08-88EC-84D4B68387E8"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47848","source":"disclosure@vulncheck.com","tags":["Exploit"]},{"url":"https://www.vulncheck.com/advisories/netsharewatcher-name-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37204","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:15.470","lastModified":"2026-06-29T18:30:37.163","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"RemShutdown 2.9.0.0 contains a denial of service vulnerability in its registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration key field to trigger an application crash."},{"lang":"es","value":"RemShutdown 2.9.0.0 contiene una vulnerabilidad de denegación de servicio en su entrada de clave de registro que permite a los atacantes bloquear la aplicación. Los atacantes pueden generar una carga útil de búfer de 1000 caracteres y pegarla en el campo de clave de registro para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"NSAuditor","product":"Nsauditor RemShutdown","versions":[{"version":"2.9.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:36:55.413166Z","id":"CVE-2020-37204","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:remshutdown:2.9.0.0:*:*:*:*:*:*:*","matchCriteriaId":"A2F7EBAC-A270-40D7-9F2F-35BD341FB5BE"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47863","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/remshutdown-key-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37205","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:15.630","lastModified":"2026-06-29T18:30:42.920","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"RemShutdown 2.9.0.0 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' registration field. Attackers can generate a 1000-character buffer payload and paste it into the registration name field to trigger an application crash."},{"lang":"es","value":"RemShutdown 2.9.0.0 contiene una vulnerabilidad de denegación de servicio que permite a los atacantes bloquear la aplicación desbordando el campo de registro 'Name'. Los atacantes pueden generar una carga útil de búfer de 1000 caracteres y pegarla en el campo de nombre de registro para provocar un fallo en la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor RemShutdown","versions":[{"version":"2.9.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:38:19.819056Z","id":"CVE-2020-37205","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:remshutdown:2.9.0.0:*:*:*:*:*:*:*","matchCriteriaId":"A2F7EBAC-A270-40D7-9F2F-35BD341FB5BE"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47865","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/remshutdown-name-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37206","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:15.797","lastModified":"2026-06-29T18:30:49.453","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ShareAlarmPro contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized registration key. Attackers can generate a 1000-character buffer payload to trigger an application crash when pasted into the registration key field."},{"lang":"es","value":"ShareAlarmPro contiene una vulnerabilidad de denegación de servicio que permite a los atacantes bloquear la aplicación al proporcionar una clave de registro sobredimensionada. Los atacantes pueden generar una carga útil de búfer de 1000 caracteres para provocar un bloqueo de la aplicación cuando se pega en el campo de la clave de registro."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor ShareAlarmPro Advanced Network Access Control","versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:39:28.703659Z","id":"CVE-2020-37206","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:sharealarmpro:-:*:*:*:*:*:*:*","matchCriteriaId":"4F6DE8DE-508D-487D-90FB-BC1794A58D5C"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47859","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/sharealarmpro-advanced-network-access-control-key-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37207","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:15.963","lastModified":"2026-06-29T18:31:00.630","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SpotDialup 1.6.7 contains a denial of service vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash."},{"lang":"es","value":"SpotDialup 1.6.7 contiene una vulnerabilidad de denegación de servicio en el campo de entrada de la clave de registro que permite a los atacantes bloquear la aplicación. Los atacantes pueden generar una carga útil de búfer de 1000 caracteres y pegarla en el campo 'Key' para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor SpotDialup","versions":[{"version":"1.6.7","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:43:07.996769Z","id":"CVE-2020-37207","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:spotdialup:*:*:*:*:*:*:*:*","versionEndIncluding":"1.6.7","matchCriteriaId":"4ABAC0D7-DF1D-4541-97A2-075E9274FCB1"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47872","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/spotdialup-key-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37208","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:16.130","lastModified":"2026-06-29T18:31:10.257","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in the registration key input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Key' field to trigger an application crash and denial of service."},{"lang":"es","value":"SpotFTP 3.0.0.0 contiene una vulnerabilidad de desbordamiento de búfer en el campo de entrada de la clave de registro que permite a los atacantes bloquear la aplicación. Los atacantes pueden generar una carga útil de 1000 caracteres y pegarla en el campo 'Key' para provocar un bloqueo de la aplicación y una denegación de servicio."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor SpotFTP FTP Password Recovery","versions":[{"version":"3.0.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T14:44:19.944406Z","id":"CVE-2020-37208","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:spotftp:3.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6C046573-555E-4DAF-8409-01CFC9635AAD"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47849","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/spotftp-ftp-password-recovery-key-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37209","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:16.293","lastModified":"2026-06-29T18:33:21.583","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SpotFTP 3.0.0.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash."},{"lang":"es","value":"SpotFTP 3.0.0.0 contiene una vulnerabilidad de denegación de servicio en el campo de entrada del nombre de registro que permite a los atacantes bloquear la aplicación. Los atacantes pueden generar una carga útil de búfer de 1000 caracteres y pegarla en el campo 'Name' para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor SpotFTP FTP Password Recovery","versions":[{"version":"3.0.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T16:04:04.336429Z","id":"CVE-2020-37209","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:spotftp:3.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6C046573-555E-4DAF-8409-01CFC9635AAD"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47868","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/spotftp-ftp-password-recovery-name-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37210","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:16.483","lastModified":"2026-06-29T18:33:15.047","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SpotIE 2.9.5 contains a denial of service vulnerability in the registration key input that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Key' field to trigger an application crash."},{"lang":"es","value":"SpotIE 2.9.5 contiene una vulnerabilidad de denegación de servicio en la entrada de la clave de registro que permite a los atacantes bloquear la aplicación. Los atacantes pueden generar una carga útil de búfer de 1000 caracteres y pegarla en el campo 'Key' para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor SpotIE","versions":[{"version":"2.9.5","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T15:56:45.193940Z","id":"CVE-2020-37210","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:spotie:*:*:*:*:*:*:*:*","versionEndIncluding":"2.9.5","matchCriteriaId":"9AAC2355-A1ED-4013-AFBF-4CC6E3C995DC"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47855","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/spotie-key-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37211","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:16.673","lastModified":"2026-06-29T18:31:32.867","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SpotIM 2.2 contains a denial of service vulnerability that allows attackers to crash the application by inputting a large buffer in the registration name field. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash."},{"lang":"es","value":"SpotIM 2.2 contiene una vulnerabilidad de denegación de servicio que permite a los atacantes bloquear la aplicación al introducir un búfer grande en el campo de nombre de registro. Los atacantes pueden generar una carga útil de 1000 caracteres y pegarla en el campo 'Name' para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor SpotIM","versions":[{"version":"2.2","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T15:50:15.520953Z","id":"CVE-2020-37211","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:spotim:*:*:*:*:*:*:*:*","versionEndIncluding":"2.2","matchCriteriaId":"CC750257-C0B3-4361-B002-95D32D0D096C"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47870","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/spotim-name-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-37212","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-11T21:16:16.840","lastModified":"2026-06-29T18:31:25.317","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SpotMSN 2.4.6 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character payload and paste it into the 'Name' field to trigger an application crash."},{"lang":"es","value":"SpotMSN 2.4.6 contiene una vulnerabilidad de denegación de servicio en el campo de entrada del nombre de registro que permite a los atacantes bloquear la aplicación. Los atacantes pueden generar una carga útil de 1000 caracteres y pegarla en el campo 'Name' para provocar un bloqueo de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor SpotMSN","versions":[{"version":"2.4.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T15:48:13.451850Z","id":"CVE-2020-37212","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:spotmsn:*:*:*:*:*:*:*:*","versionEndIncluding":"2.4.6","matchCriteriaId":"FEAE7BCD-2685-4488-82EF-8A29E089B3D3"}]}]}],"references":[{"url":"http://www.nsauditor.com/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47869","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/spotmsn-name-denial-of-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2019-25434","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-02-20T23:16:00.037","lastModified":"2026-06-29T18:28:40.610","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name field during registration to trigger an unhandled exception that crashes the application."},{"lang":"es","value":"SpotAuditor 5.3.1.0 contiene una vulnerabilidad de denegación de servicio que permite a atacantes no autenticados provocar la caída de la aplicación al enviar datos excesivos en el campo de nombre de registro. Los atacantes pueden introducir una cadena grande de caracteres (5000 bytes o más) en el campo de nombre durante el registro para activar una excepción no controlada que provoca la caída de la aplicación."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Nsasoft","product":"Nsauditor SpotAuditor","versions":[{"version":"SpotAuditor 5.3.1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-24T15:24:57.452258Z","id":"CVE-2019-25434","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nsasoft:spotauditor:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.1.0","matchCriteriaId":"A97BC20D-9434-420C-8F44-7AB6D0946AAC"}]}]}],"references":[{"url":"http://www.nsauditor.com","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.exploit-db.com/exploits/47494","source":"disclosure@vulncheck.com","tags":["Exploit","VDB Entry"]},{"url":"https://www.vulncheck.com/advisories/spotauditor-denial-of-service-via-registration-name-field","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-20108","sourceIdentifier":"psirt@cisco.com","published":"2026-03-25T16:16:14.420","lastModified":"2026-06-29T18:10:12.117","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de gestión basada en web de Cisco Catalyst SD-WAN Manager podría permitir a un atacante remoto autenticado realizar un ataque de cross-site scripting (XSS) contra un usuario de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una validación insuficiente de la entrada del usuario. Un atacante podría explotar esta vulnerabilidad persuadiendo a un usuario de la interfaz de gestión basada en web para que haga clic en un enlace manipulado. Un exploit exitoso podría permitir al atacante ejecutar código de script arbitrario en el contexto de la interfaz afectada o acceder a información sensible basada en el navegador."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","versions":[{"version":"20.12.1","status":"affected"},{"version":"20.12.1_LI_Images","status":"affected"},{"version":"20.12.2","status":"affected"},{"version":"20.12.3","status":"affected"},{"version":"20.12.3.1","status":"affected"},{"version":"20.12.4","status":"affected"},{"version":"20.12.4.1","status":"affected"},{"version":"20.12.5","status":"affected"},{"version":"20.12.5.1","status":"affected"},{"version":"20.12.5.2","status":"affected"},{"version":"20.12.6","status":"affected"},{"version":"20.12.6.1","status":"affected"},{"version":"20.12.5.3","status":"affected"},{"version":"20.13.1","status":"affected"},{"version":"20.14.1","status":"affected"},{"version":"20.15.1","status":"affected"},{"version":"20.15.2","status":"affected"},{"version":"20.15.3","status":"affected"},{"version":"20.15.3.1","status":"affected"},{"version":"20.15.4","status":"affected"},{"version":"20.15.4.1","status":"affected"},{"version":"20.15.4.2","status":"affected"},{"version":"20.16.1","status":"affected"},{"version":"20.18.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-27T15:00:20.527145Z","id":"CVE-2026-20108","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.12","versionEndExcluding":"20.12.5.3","matchCriteriaId":"B011A1EA-A501-4CC0-AFC9-2181ACC81AFE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.13","versionEndExcluding":"20.15.4.2","matchCriteriaId":"D284EA84-6C27-4A9C-BDA2-D1C5BF1F2356"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.16","versionEndExcluding":"20.18.2.1","matchCriteriaId":"B94E1DC2-5DA5-4238-8040-6D524DDEAA4F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.6:*:*:*:*:*:*:*","matchCriteriaId":"F5B6E170-73B8-4838-93B4-AD258F3BCA7C"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-xss-ZqkhP9W9","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-33555","sourceIdentifier":"cve@mitre.org","published":"2026-04-13T17:16:28.237","lastModified":"2026-06-29T15:28:15.663","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronization issues with the backend server and could be used for request smuggling. The earliest affected version is 2.6."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"HAProxy","product":"HAProxy","defaultStatus":"unaffected","versions":[{"version":"2.6","lessThan":"3.3.6","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-22T18:42:59.239377Z","id":"CVE-2026-33555","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-130"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.0","versionEndExcluding":"3.3.6","matchCriteriaId":"B0C66EEE-8E91-4525-9187-0FB58152B8BC"}]}]}],"references":[{"url":"https://github.com/haproxy/haproxy/commit/05a295441c621089ffa4318daf0dbca2dd756a84","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://r3verii.github.io/cve/2026/04/14/haproxy-h3-standalone-fin-smuggling.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.haproxy.com/documentation/haproxy-aloha/changelog/","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.haproxy.org","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.mail-archive.com/haproxy@formilux.org/msg46752.html","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://r3verii.github.io/cve/2026/04/14/haproxy-h3-standalone-fin-smuggling.html","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-40745","sourceIdentifier":"productcert@siemens.com","published":"2026-04-14T09:16:34.683","lastModified":"2026-06-29T14:03:06.570","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Siemens Software Center (All versions < V3.5.8.2), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002), Simcenter STAR-CCM+ (All versions < V2602), Solid Edge SE2025 (All versions < V225.0 Update 13), Solid Edge SE2026 (All versions < V226.0 Update 04), Tecnomatix Plant Simulation (All versions < V2504.0008). Affected applications do not properly validate client certificates to connect to Analytics Service endpoint. This could allow an unauthenticated remote attacker to perform man in the middle attacks."}],"affected":[{"source":"productcert@siemens.com","affectedData":[{"vendor":"Siemens","product":"Siemens Software Center","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V3.5.8.2","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"Simcenter 3D","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2506.6000","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"Simcenter Femap","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2506.0002","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"Simcenter STAR-CCM+","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2602","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"Solid Edge SE2025","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V225.0 Update 13","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"Solid Edge SE2026","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V226.0 Update 04","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"Tecnomatix Plant Simulation","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2504.0008","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-14T13:37:06.968025Z","id":"CVE-2025-40745","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simcenter_3d:*:*:*:*:*:*:*:*","versionEndExcluding":"2506.6000","matchCriteriaId":"2C31BF5C-B962-481E-95A2-ACD9D388DB55"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simcenter_femap:*:*:*:*:*:*:*:*","versionEndExcluding":"2506.6000","matchCriteriaId":"E9602E1E-B1BF-4136-917C-88303C086C55"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:simcenter_star-ccm\\+_viewer:*:*:*:*:*:*:*:*","versionEndExcluding":"2602","matchCriteriaId":"00674DE8-FDD6-47E5-8870-8E408DA67C2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:software_center:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.8.2","matchCriteriaId":"866F67CF-C9A0-4A95-B0E6-1F151227CE44"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:*:*:*:*:*:*:*:*","versionEndExcluding":"225.0","matchCriteriaId":"D5A2157C-33B7-4604-BD27-0DEEF9399CEF"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:-:*:*:*:*:*:*","matchCriteriaId":"3D717792-2F86-43CD-973B-249171094C6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0001:*:*:*:*:*:*","matchCriteriaId":"2C6F3C20-8AB5-4A6A-8524-C7CBC4A4D973"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0002:*:*:*:*:*:*","matchCriteriaId":"03CCA3A8-F8D6-4C80-BC03-15B865CE46B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0003:*:*:*:*:*:*","matchCriteriaId":"B51556E8-9A3B-4755-BC2C-8FACABC01A7B"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0004:*:*:*:*:*:*","matchCriteriaId":"737A4807-387D-4099-880D-2CCEE7B77B44"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0005:*:*:*:*:*:*","matchCriteriaId":"9267F09C-5EFD-443F-ABE0-974C1D034464"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0006:*:*:*:*:*:*","matchCriteriaId":"360EB505-50D7-4853-AA48-95A117A4E7A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0007:*:*:*:*:*:*","matchCriteriaId":"7A02605E-BA38-4E17-B9B3-FFF0F27FBC55"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0008:*:*:*:*:*:*","matchCriteriaId":"367B1EBE-2C56-410A-A951-0C0021ECD184"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0009:*:*:*:*:*:*","matchCriteriaId":"1AA3A64C-AC8B-4A77-882E-6A0B9640D4E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0010:*:*:*:*:*:*","matchCriteriaId":"0DD2B288-A8FF-4823-973E-C03FED1FCC6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0011:*:*:*:*:*:*","matchCriteriaId":"38DAB8B8-670E-4AD0-9D94-746B72E07085"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2025:225.0:update_0012:*:*:*:*:*:*","matchCriteriaId":"F8D0E6B9-5C45-4FA7-90B0-35EBD1220B0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:*:*:*:*:*:*:*:*","versionEndExcluding":"226.0","matchCriteriaId":"F53A6649-7B50-49A8-AD11-664016B43B17"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:226.0:-:*:*:*:*:*:*","matchCriteriaId":"6D5CA617-C738-465A-B941-11596360BFC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:226.0:update_1:*:*:*:*:*:*","matchCriteriaId":"921642C9-2C52-4D93-90B8-EE8D8A476061"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:226.0:update_2:*:*:*:*:*:*","matchCriteriaId":"26D68AD5-3349-4529-8369-FB644E5A4F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:226.0:update_3:*:*:*:*:*:*","matchCriteriaId":"E8B0DA87-5FBF-46EA-9016-5197FE479B3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:tecnomatix_plant_simulation:*:*:*:*:*:*:*:*","versionEndExcluding":"2504.0008","matchCriteriaId":"FBAF0708-9BBC-4A42-A777-719F2DC72715"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-981622.html","source":"productcert@siemens.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20186","sourceIdentifier":"psirt@cisco.com","published":"2026-04-15T17:17:03.933","lastModified":"2026-06-29T15:28:03.217","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to&nbsp;root. In single-node ISE deployments, successful exploitation of these vulnerabilities could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Identity Services Engine Software","defaultStatus":"unknown","versions":[{"version":"3.1.0","status":"affected"},{"version":"3.1.0 p1","status":"affected"},{"version":"3.1.0 p3","status":"affected"},{"version":"3.1.0 p2","status":"affected"},{"version":"3.2.0","status":"affected"},{"version":"3.1.0 p4","status":"affected"},{"version":"3.1.0 p5","status":"affected"},{"version":"3.2.0 p1","status":"affected"},{"version":"3.1.0 p6","status":"affected"},{"version":"3.2.0 p2","status":"affected"},{"version":"3.1.0 p7","status":"affected"},{"version":"3.3.0","status":"affected"},{"version":"3.2.0 p3","status":"affected"},{"version":"3.2.0 p4","status":"affected"},{"version":"3.1.0 p8","status":"affected"},{"version":"3.2.0 p5","status":"affected"},{"version":"3.2.0 p6","status":"affected"},{"version":"3.1.0 p9","status":"affected"},{"version":"3.3 Patch 2","status":"affected"},{"version":"3.3 Patch 1","status":"affected"},{"version":"3.3 Patch 3","status":"affected"},{"version":"3.4.0","status":"affected"},{"version":"3.2.0 p7","status":"affected"},{"version":"3.3 Patch 4","status":"affected"},{"version":"3.4 Patch 1","status":"affected"},{"version":"3.1.0 p10","status":"affected"},{"version":"3.3 Patch 5","status":"affected"},{"version":"3.3 Patch 6","status":"affected"},{"version":"3.4 Patch 2","status":"affected"},{"version":"3.3 Patch 7","status":"affected"},{"version":"3.4 Patch 3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-15T00:00:00+00:00","id":"CVE-2026-20186","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.0","matchCriteriaId":"68181711-C28D-4464-8C67-0A4FA0F338BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:-:*:*:*:*:*:*","matchCriteriaId":"7932D5D5-83E1-4BEF-845A-D0783D4BB750"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch1:*:*:*:*:*:*","matchCriteriaId":"1B818846-4A6E-4256-B344-281E8C786C43"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch2:*:*:*:*:*:*","matchCriteriaId":"A44858A2-922A-425A-8B38-0C47DB911A3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch3:*:*:*:*:*:*","matchCriteriaId":"53484A32-757B-42F8-B655-554C34222060"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch4:*:*:*:*:*:*","matchCriteriaId":"0CCAC61F-C273-49B3-A631-31D3AE3EB148"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch5:*:*:*:*:*:*","matchCriteriaId":"51AEFCE6-FB4A-4B1C-A23D-83CC3CF3FBBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch6:*:*:*:*:*:*","matchCriteriaId":"B452B4F0-8510-475E-9AE8-B48FABB4D7D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch7:*:*:*:*:*:*","matchCriteriaId":"5733512D-12B5-4098-AF90-9D68217FAC27"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*","matchCriteriaId":"F1B9C2C1-59A4-49A0-9B74-83CCB063E55D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*","matchCriteriaId":"DFD29A0B-0D75-4EAB-BCE0-79450EC75DD0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*","matchCriteriaId":"E6C94CC4-CC08-4DAF-A606-FDAFC92720A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:*:*:*:*:*:*","matchCriteriaId":"BB069EA3-7B8C-42B5-8035-2EE5ED3F56E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:*:*:*:*:*:*","matchCriteriaId":"FF8B81A6-BF44-4E5F-B167-39F61DDCA026"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:*:*:*:*:*:*","matchCriteriaId":"56E0F0EC-3E66-4866-89F5-89B331F3F517"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:*:*:*:*:*:*","matchCriteriaId":"2E3E8937-2859-4A2A-91C0-05F674EF0466"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch7:*:*:*:*:*:*","matchCriteriaId":"D4B14684-EB9E-405B-85FA-B62E57CB292C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*","matchCriteriaId":"D23905E0-E525-49B1-8E5F-4EB42D186768"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*","matchCriteriaId":"74509498-38EF-4345-9583-CEF5C26CA1D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch2:*:*:*:*:*:*","matchCriteriaId":"CD05FF93-7B8C-4283-9DB7-E03FE98FAADF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch3:*:*:*:*:*:*","matchCriteriaId":"0F9B6A8E-E773-44A3-9266-878F0C58EB41"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-5720","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-04-17T22:16:33.803","lastModified":"2026-06-29T14:22:29.553","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting improper length validation in ParseHttpHeaders(), where the parsed length underflows to a large unsigned value when passed to memchr(), causing the process to scan memory far beyond the allocated HTTP request buffer."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"miniupnp project","product":"miniupnpd","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"2.3.10","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-20T14:51:38.349879Z","id":"CVE-2026-5720","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"},{"lang":"en","value":"CWE-191"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:miniupnp_project:miniupnpd:*:*:*:*:*:*:*:*","versionEndExcluding":"2.3.10","matchCriteriaId":"98F2C3E8-230F-4C27-BE4F-81FECF35732A"}]}]}],"references":[{"url":"https://github.com/miniupnp/miniupnp/","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://github.com/miniupnp/miniupnp/commit/f56bd09b2f2650126b832c5f30a65a09e28167fa","source":"disclosure@vulncheck.com","tags":["Patch"]},{"url":"https://www.vulncheck.com/advisories/miniupnpd-integer-underflow-soapaction-header-parsing","source":"disclosure@vulncheck.com","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-24082","sourceIdentifier":"product-security@qualcomm.com","published":"2026-05-04T17:16:21.453","lastModified":"2026-06-29T14:24:52.800","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when copying data from a freed source while executing performance counter deselect operation."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon Auto","Snapdragon Compute","Snapdragon Consumer IOT","Snapdragon Industrial IOT","Snapdragon Mobile","Snapdragon Voice & Music","Snapdragon WBC","Snapdragon Wearables"],"versions":[{"version":"AR8031","status":"affected"},{"version":"AR8035","status":"affected"},{"version":"CSRA6620","status":"affected"},{"version":"CSRA6640","status":"affected"},{"version":"FastConnect 6200","status":"affected"},{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"Flight RB5 5G Platform","status":"affected"},{"version":"FWA Gen 3 Ultra Platform","status":"affected"},{"version":"G1 Gen 1","status":"affected"},{"version":"G3x Gen 2","status":"affected"},{"version":"Kalpeni","status":"affected"},{"version":"LeMans_AU_LGIT","status":"affected"},{"version":"LeMansAU","status":"affected"},{"version":"MDM9250","status":"affected"},{"version":"MDM9628","status":"affected"},{"version":"Milos","status":"affected"},{"version":"Milos_IOT","status":"affected"},{"version":"Pandeiro","status":"affected"},{"version":"QAM8255P","status":"affected"},{"version":"QAM8295P","status":"affected"},{"version":"QAMSRV1H","status":"affected"},{"version":"QAMSRV1M","status":"affected"},{"version":"QCA2066","status":"affected"},{"version":"QCA6174A","status":"affected"},{"version":"QCA6391","status":"affected"},{"version":"QCA6564A","status":"affected"},{"version":"QCA6564AU","status":"affected"},{"version":"QCA6574","status":"affected"},{"version":"QCA6574A","status":"affected"},{"version":"QCA6574AU","status":"affected"},{"version":"QCA6584AU","status":"affected"},{"version":"QCA6595","status":"affected"},{"version":"QCA6595AU","status":"affected"},{"version":"QCA6678AQ","status":"affected"},{"version":"QCA6688AQ","status":"affected"},{"version":"QCA6696","status":"affected"},{"version":"QCA6698AQ","status":"affected"},{"version":"QCA6698AU","status":"affected"},{"version":"QCA6797AQ","status":"affected"},{"version":"QCA8081","status":"affected"},{"version":"QCA8337","status":"affected"},{"version":"QCA8695AU","status":"affected"},{"version":"QCA9367","status":"affected"},{"version":"QCA9377","status":"affected"},{"version":"QCC710","status":"affected"},{"version":"QCM2290","status":"affected"},{"version":"QCM4325","status":"affected"},{"version":"QCM5430","status":"affected"},{"version":"QCM6125","status":"affected"},{"version":"QCM6490","status":"affected"},{"version":"QCN6224","status":"affected"},{"version":"QCN6274","status":"affected"},{"version":"QCN9011","status":"affected"},{"version":"QCN9012","status":"affected"},{"version":"QCS2290","status":"affected"},{"version":"QCS4290","status":"affected"},{"version":"QCS6690","status":"affected"},{"version":"QCS8550","status":"affected"},{"version":"QDU1000","status":"affected"},{"version":"QDU1110","status":"affected"},{"version":"QDU1210","status":"affected"},{"version":"QDX1010","status":"affected"},{"version":"QDX1011","status":"affected"},{"version":"QEP8111","status":"affected"},{"version":"QFW7114","status":"affected"},{"version":"QFW7124","status":"affected"},{"version":"QLN1083BD","status":"affected"},{"version":"QLN1086BD","status":"affected"},{"version":"QPA1083BD","status":"affected"},{"version":"QPA1086BD","status":"affected"},{"version":"QRB5165M","status":"affected"},{"version":"QRB5165N","status":"affected"},{"version":"QRU1032","status":"affected"},{"version":"Qualcomm Dragonwing QRU100 Platform","status":"affected"},{"version":"Qualcomm Dragonwing X100 Accelerator Card","status":"affected"},{"version":"Qualcomm Video Collaboration VC1 Platform","status":"affected"},{"version":"Qualcomm Video Collaboration VC3 Platform","status":"affected"},{"version":"Qualcomm Video Collaboration VC5 Platform","status":"affected"},{"version":"QXM1083","status":"affected"},{"version":"QXM1086","status":"affected"},{"version":"QXM1093","status":"affected"},{"version":"QXM1094","status":"affected"},{"version":"QXM1095","status":"affected"},{"version":"QXM1096","status":"affected"},{"version":"Robotics RB2 Platform","status":"affected"},{"version":"Robotics RB5 Platform","status":"affected"},{"version":"SA4150P","status":"affected"},{"version":"SA4155P","status":"affected"},{"version":"SA6145P","status":"affected"},{"version":"SA6150P","status":"affected"},{"version":"SA6155P","status":"affected"},{"version":"SA7255P","status":"affected"},{"version":"SA7775P","status":"affected"},{"version":"SA8145P","status":"affected"},{"version":"SA8150P","status":"affected"},{"version":"SA8155P","status":"affected"},{"version":"SA8195P","status":"affected"},{"version":"SA8255P","status":"affected"},{"version":"SA8295P","status":"affected"},{"version":"SA8620P","status":"affected"},{"version":"SA8770P","status":"affected"},{"version":"SA9000P","status":"affected"},{"version":"SAR1165P","status":"affected"},{"version":"SD662","status":"affected"},{"version":"SM6225P","status":"affected"},{"version":"SM6650P","status":"affected"},{"version":"SM7525","status":"affected"},{"version":"SM7550","status":"affected"},{"version":"SM7550P","status":"affected"},{"version":"SM7635P","status":"affected"},{"version":"SM7675","status":"affected"},{"version":"SM7675P","status":"affected"},{"version":"SM8550P","status":"affected"},{"version":"SM8635","status":"affected"},{"version":"SM8635P","status":"affected"},{"version":"SM8650Q","status":"affected"},{"version":"Smart Audio 400 Platform","status":"affected"},{"version":"Snapdragon 4 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 460 Mobile Platform","status":"affected"},{"version":"Snapdragon 480 5G Mobile Platform","status":"affected"},{"version":"Snapdragon 480+ 5G Mobile Platform","status":"affected"},{"version":"Snapdragon 6 Gen 4 Mobile Platform","status":"affected"},{"version":"Snapdragon 662 Mobile Platform","status":"affected"},{"version":"Snapdragon 680 4G Mobile Platform","status":"affected"},{"version":"Snapdragon 685 4G Mobile Platform","status":"affected"},{"version":"Snapdragon 695 5G Mobile Platform","status":"affected"},{"version":"Snapdragon 7s Gen 3 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Gen 3 Mobile Platform","status":"affected"},{"version":"Snapdragon 8+ Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon AR1 Gen 1 Platform","status":"affected"},{"version":"Snapdragon AR1+ Gen 1 Platform","status":"affected"},{"version":"Snapdragon Auto 5G Modem-RF","status":"affected"},{"version":"Snapdragon Auto 5G Modem-RF Gen 2","status":"affected"},{"version":"Snapdragon X32 5G Modem-RF System","status":"affected"},{"version":"Snapdragon X35 5G Modem-RF System","status":"affected"},{"version":"Snapdragon X72 5G Modem-RF System","status":"affected"},{"version":"Snapdragon X75 5G Modem-RF System","status":"affected"},{"version":"SRV1H","status":"affected"},{"version":"SRV1M","status":"affected"},{"version":"SW5100","status":"affected"},{"version":"SW5100P","status":"affected"},{"version":"SXR2330P","status":"affected"},{"version":"SXR2350P","status":"affected"},{"version":"WCD9335","status":"affected"},{"version":"WCD9340","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9371","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9378","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WCD9390","status":"affected"},{"version":"WCD9395","status":"affected"},{"version":"WCN3910","status":"affected"},{"version":"WCN3950","status":"affected"},{"version":"WCN3980","status":"affected"},{"version":"WCN3988","status":"affected"},{"version":"WCN6450","status":"affected"},{"version":"WCN6650","status":"affected"},{"version":"WCN6755","status":"affected"},{"version":"WCN7860","status":"affected"},{"version":"WCN7861","status":"affected"},{"version":"WCN7881","status":"affected"},{"version":"WSA8810","status":"affected"},{"version":"WSA8815","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8832","status":"affected"},{"version":"WSA8835","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"XRV7209","status":"affected"},{"version":"XRV9209","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-04T00:00:00+00:00","id":"CVE-2026-24082","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1096_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2D5E44-48F6-41E8-A38B-A2E070E16AA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1096:-:*:*:*:*:*:*:*","matchCriteriaId":"9BD0372F-5140-4966-9A27-6B5A606C0665"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:robotics_rb2_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F674AEE0-9AF8-4BA9-A6CF-BBDBCDEB696C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:robotics_rb2:-:*:*:*:*:*:*:*","matchCriteriaId":"B4D817C8-EBB1-4A0D-8496-7D69C607C70D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:robotics_rb5_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"71CFA659-DE2C-4AA0-8AAD-75033B2F4663"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:robotics_rb5:-:*:*:*:*:*:*:*","matchCriteriaId":"0C3E952A-9CA6-4A41-820C-9756B453DECF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa4150p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0DC99C0C-8AE3-4918-B91D-2C26990FE931"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa4150p:-:*:*:*:*:*:*:*","matchCriteriaId":"A558A868-1B67-48D2-8A94-FDEA7126FAE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa4155p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D8D28764-EF4F-4FB3-B936-B42397450EFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa4155p:-:*:*:*:*:*:*:*","matchCriteriaId":"7964A762-467B-47D7-865F-30D48A0AE47C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C66671C1-AE1A-44BE-9DB2-0B09FF4417DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*","matchCriteriaId":"74AA3929-3F80-4D54-B13A-9B070D5C03BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"054F77D6-FC66-4151-9005-DC7ECDB5C722"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*","matchCriteriaId":"8ED3F589-16D9-46A7-A539-C9862473EE0D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*","matchCriteriaId":"0514D433-162C-4680-8912-721D19BE6201"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2B651F0A-34DA-400F-A376-B499BFDF8E86"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7255p:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFF093D-98C8-470F-8330-E5126E06343A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6C32CA38-5D48-4108-9858-FD66E20CAF2F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7775p:-:*:*:*:*:*:*:*","matchCriteriaId":"E1997F8B-17B8-4DE3-BCF7-726928720592"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A71D74B0-0963-49FD-8E97-148C8993B263"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*","matchCriteriaId":"910CBFA4-50F7-4C7A-B9B9-B88C8A919827"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"69C1B02F-8D2D-42E7-B70D-41F4D9844FD1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEACAA9-C061-4713-9A54-37D8BFC0B00B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C8648B38-2597-401A-8F53-D582FA911569"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*","matchCriteriaId":"A01CD59B-8F21-4CD6-8A1A-7B37547A8715"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"51BC0A66-493B-43BE-B51F-640BDF2FF32E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*","matchCriteriaId":"D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EC6E268D-C4AF-4950-9223-39EA36D538A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2A19659B-A0C3-44B7-8D54-BA21729873A4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*","matchCriteriaId":"F978041A-CE28-4BDF-A7DB-F0360F1A5F14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6ACE6D64-A498-482F-8270-718F4884CFFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8620p:-:*:*:*:*:*:*:*","matchCriteriaId":"B6E016D6-1B83-4261-A27E-1F9873F81E14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"781CCC31-C08F-499B-BE73-6C7DB70437AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*","matchCriteriaId":"75AFAA21-0589-4C6A-9418-34EE8A61BBAD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A024AB04-B213-4018-A4C1-FA467C7BA775"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*","matchCriteriaId":"A2A8AB7C-5D34-4794-8C06-2193075B323F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sar1165p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9D97CD52-4CB0-4F57-9C24-530B326B8D9D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sar1165p:-:*:*:*:*:*:*:*","matchCriteriaId":"582EE932-DDE5-4BE5-837C-523FE3EFBA5D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C7BE7001-5539-4C5E-A064-6E62023803AE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*","matchCriteriaId":"06661DAC-5D22-433E-B5EC-486931E265B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm6225p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8D2B7D93-4218-4FFF-B1C0-F50EC0B2B934"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm6225p:-:*:*:*:*:*:*:*","matchCriteriaId":"00D9DCE1-B3CD-4F45-97DD-637AA27572DD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm6650p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"09020F3F-C869-42DF-BD9C-E78056CC8123"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm6650p:-:*:*:*:*:*:*:*","matchCriteriaId":"E8272228-2D68-45F2-A670-B5D6E90D9C14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7525_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2410FF59-E0C0-4920-9656-C398DB06DEAE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7525:-:*:*:*:*:*:*:*","matchCriteriaId":"7D2B800C-4DBC-4028-875D-667C87D75247"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7550_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EEA5CE41-0596-4D38-9891-D1DF711EA7E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7550:-:*:*:*:*:*:*:*","matchCriteriaId":"E1A901C6-FB73-4361-B391-4A4AF8C70029"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7550p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5C5D7E2C-0955-4B6E-96E4-CFA06D937492"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7550p:-:*:*:*:*:*:*:*","matchCriteriaId":"9D1D0F33-AD5A-4826-9A06-EAD2A8709974"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7635p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3A72DAA5-E10F-40A0-A8CC-541594A3279F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7635p:-:*:*:*:*:*:*:*","matchCriteriaId":"15CC657A-7623-4F37-AC52-8AF5C83D5BDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7675_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"012C20A8-3F48-48DD-9A77-65C9CB1F6C30"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7675:-:*:*:*:*:*:*:*","matchCriteriaId":"EE992A86-36BC-40E3-8E96-6542560BE8EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7675p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3B46F132-4049-40D0-8351-C1C6FD2B47A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7675p:-:*:*:*:*:*:*:*","matchCriteriaId":"1846514C-1F95-4568-98DE-C57214401841"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C4CDD6A2-5A3C-4572-8CE1-2F102333BB79"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8550p:-:*:*:*:*:*:*:*","matchCriteriaId":"699E5D17-6144-4F0A-8D52-1E8C83990E52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8635_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"65865EE9-59C0-498F-A4C5-EC00D4642603"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8635:-:*:*:*:*:*:*:*","matchCriteriaId":"CE02AB51-6FB6-4727-999B-A7466CEDC534"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8635p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"88F63D90-4BFC-4EFA-8B74-7A5027A7052D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8635p:-:*:*:*:*:*:*:*","matchCriteriaId":"20EB529B-6B9F-464F-A98B-A8ABE0F01ADB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8650q_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1CAA8D9D-0238-4223-8F7B-134ECBB6FA05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8650q:-:*:*:*:*:*:*:*","matchCriteriaId":"D8A722B8-E1E4-43B4-8882-591CE8C5C166"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:smart_audio_400_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BF7A6EE4-D951-480F-8F68-D49983C911D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:smart_audio_400:-:*:*:*:*:*:*:*","matchCriteriaId":"6FD155BC-1157-4DEA-940A-FB8BD117D4C6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"227113B6-BED5-4415-ACE5-192315EC214E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_4_gen_1_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"65A640F4-373F-4358-92A6-F10C96A209AA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_460_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"94AD752A-551D-4FAB-9274-CB2164C857D9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_460_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"8842CC5B-C753-47D9-BE13-723A4163FF8C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7289102B-C117-4CB3-9DBA-66BACC9FE193"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_480_5g_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"666B4CAD-FE81-4EDF-BB6F-CD260692A60B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A8DF4C4E-182D-472E-97AE-987203EE9057"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_480\\+_5g_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"5C8879AF-2AEE-49DB-BC00-8EF7E3C9A0F4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_6_gen_4_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E7D277DC-4BB9-46F4-988B-D24EAB329B97"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_6_gen_4_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"BA0BC5C1-2601-4E3B-BD82-0E27B78A1735"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_662_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1B099F64-FCD9-43F1-A066-A4FAE6738C5A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_662_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"A0A285E2-E2CE-4488-8E3D-F5D5331D992C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FCE1ADA9-8042-4CDE-A2B9-E96665CB41BE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*","matchCriteriaId":"BB1DE046-DD70-4ACA-9DF4-59939DAC1889"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C88B9C86-2E8E-4DCE-A30C-02977CC00F00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*","matchCriteriaId":"EE473A5A-5CFC-4F08-A173-30717F8BD0D7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FA42F2EA-5D00-42B8-B020-C27675B72915"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*","matchCriteriaId":"BFCF207D-B8C8-4860-89C7-673C821F0237"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A8A35ECF-B12E-42DE-A74B-2C3BE03639A4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*","matchCriteriaId":"65B283D6-B2D2-49B6-98A8-08EDB54C1F15"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CDE1CBDE-3D28-463C-B215-AA7DF373EF09"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*","matchCriteriaId":"66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:flight_rb5_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AD5C60F1-5B7F-4AB0-9863-720A1972563E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:flight_rb5_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"C43A4F08-1E8A-4CEF-8E61-4152ED78E600"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fwa_gen_3_ultra_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AEB6D1A6-2CB2-4425-A5A0-EE9A9434C08C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fwa_gen_3_ultra:-:*:*:*:*:*:*:*","matchCriteriaId":"02675702-6F51-4AF0-A62B-3A1658E45094"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:g1_gen_1_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0556CCE6-B61B-4DE7-AD4B-333414280DF8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:g1_gen_1:-:*:*:*:*:*:*:*","matchCriteriaId":"CC734495-D935-40CC-9644-477E921F3EE0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:g3x_gen_2_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C167BE19-999E-4538-A23E-01F9C287A6C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:g3x_gen_2:-:*:*:*:*:*:*:*","matchCriteriaId":"1026CB5F-E30A-42DE-8432-74412CC8BA00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:kalpeni_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5A2D4C45-005F-4A02-BFD7-84893FF1A0E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:kalpeni:-:*:*:*:*:*:*:*","matchCriteriaId":"B3178A79-485F-40DB-A71D-B29BD3875A7D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemans_au_lgit_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5767FE95-737F-4C20-A5AB-EC641A68D906"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemans_au_lgit:-:*:*:*:*:*:*:*","matchCriteriaId":"33323A49-9267-421B-96E1-80C5FA709EBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemansau_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2DF0ED3F-C98B-458E-ADCC-C922402BB185"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemansau:-:*:*:*:*:*:*:*","matchCriteriaId":"102A4B5E-1739-4C31-A626-ABF6B02FEE29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9250_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BA44E1D7-C4B5-4A1C-8D89-C080856104EE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9250:-:*:*:*:*:*:*:*","matchCriteriaId":"268F94E5-15A2-4BCA-BE1B-0B6A7179B9C9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ADC6FBEE-D2FA-4660-A078-D6CE2097653D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*","matchCriteriaId":"F6BD8A1C-D9AB-4BE7-A855-31E58631879C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:milos_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"22EFC07D-16C3-4CCC-A928-EA5EA69CAB65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:milos:-:*:*:*:*:*:*:*","matchCriteriaId":"0D3491C1-A427-4CEC-B8BD-6A1930E6827F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:milos_iot_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"18471E2B-412C-4D07-9997-C8663902D7B5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:milos_iot:-:*:*:*:*:*:*:*","matchCriteriaId":"0284E269-A212-4474-AE46-255D5245096F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"23F8EF0C-BB48-47E1-A045-254D79388F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:pandeiro:-:*:*:*:*:*:*:*","matchCriteriaId":"058950FC-ED72-4E91-AE13-87E738ADC083"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3723C7B1-A7E2-401F-8D6D-189350F6BCA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"B12B89EF-7B12-481E-BCBC-F12B9D16321A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C2D9E281-B382-41AC-84CB-5B1063E5AC51"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*","matchCriteriaId":"44EBEBD5-98C3-493B-A108-FD4DE6FFBE97"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F8673334-5E11-4E95-B33D-3029499F71DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"EC0B32F6-5EF0-4591-99D7-D0E9B09DEC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CE03AB2A-3ED9-4489-8E5B-4FCF8BAA8559"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"9E646738-6A87-4470-9640-6A5A1DF3AF78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca2066_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6366F2ED-C6B7-4579-B304-C5B6DF951EB4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca2066:-:*:*:*:*:*:*:*","matchCriteriaId":"09B688AF-E1A4-496C-924C-D6B725CBBE26"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4FF653D0-15CF-4A10-8D8E-BE56F4DAB890"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*","matchCriteriaId":"C31FA74C-6659-4457-BC32-257624F43C66"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"83B53119-1B2F-4978-B7F5-33B84BE73B68"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*","matchCriteriaId":"6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"886124F6-B397-4EB6-8E01-6012E468ABE9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*","matchCriteriaId":"93ED74CE-6BF2-4983-8780-07D5336745B3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B59672A0-2FA6-46CC-B75A-C599B842AFB9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*","matchCriteriaId":"3847F4A5-90A5-4C84-B43F-0DDD81BD79CE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9B828AC8-4A01-4537-B2BD-8180C99F5C32"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6574:-:*:*:*:*:*:*:*","matchCriteriaId":"66C16E1E-9D4A-4F20-B697-833FDCCA86FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"828CFB37-76A6-4927-9D00-AF9A1C432DD6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*","matchCriteriaId":"11405993-5903-4716-B452-370281034B42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D527E2B1-2A46-4FBA-9F7A-F5543677C8FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*","matchCriteriaId":"8374DDB3-D484-4141-AE0C-42333D2721F6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C3DDA896-576C-44B8-85B6-F71F473F776B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*","matchCriteriaId":"51A87BDA-5B24-4212-BAB3-D2BBB2F4162E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"643EC76D-2836-48E6-81DA-78C4883C33CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*","matchCriteriaId":"477F6529-4CE1-44FC-B6EE-D24D44C71AE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"288F637F-22F8-47CF-B67F-C798A730A1BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*","matchCriteriaId":"D0996EA3-1C92-4933-BE34-9CF625E59FE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D001127D-8160-42F0-B8B9-2FAA2976B530"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*","matchCriteriaId":"C9EB615F-FD4C-450B-AB25-E936FD9816C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6688aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AFBD264F-F24A-4CDD-B316-9514A61B91E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6688aq:-:*:*:*:*:*:*:*","matchCriteriaId":"94CC5BC4-011D-4D2B-8891-97FBF61FD783"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0AE207DB-9770-40ED-961D-FDA75965826F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*","matchCriteriaId":"0E23922D-C37F-476F-A623-4C1458A9156F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*","matchCriteriaId":"B3F7853D-09EE-476F-B48D-BB30AEB4A67D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6698au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3ACA09C0-84A5-493A-A9BD-EF95A8330D54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6698au:-:*:*:*:*:*:*:*","matchCriteriaId":"3A2397BD-431C-4730-92E3-17A5C2445A65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"797295C2-535C-46A9-A725-E1A5405F0436"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*","matchCriteriaId":"8BFC575E-594E-4711-94B1-2DC8D03B9AC4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1D1C53DC-D2F3-4C92-9725-9A85340AF026"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*","matchCriteriaId":"ED0585FF-E390-46E8-8701-70964A4057BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2FA8F9DA-1386-4961-B9B2-484E4347852A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*","matchCriteriaId":"117289C8-7484-4EAE-8F35-A25768F00EED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8695au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"55A21DB0-4722-4421-8E97-B0E31B93E53B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8695au:-:*:*:*:*:*:*:*","matchCriteriaId":"797B8944-61F0-4522-97FE-3C172369F477"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca9367_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2AD0E09B-92EC-4974-BC5F-66C3AAF586B1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca9367:-:*:*:*:*:*:*:*","matchCriteriaId":"3FBA48AB-85F4-4D6C-B811-87756B80FFB8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D765C392-5F38-4E6A-9E88-59629E7A6911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*","matchCriteriaId":"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15307882-7039-43E9-9BA3-035045988B99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*","matchCriteriaId":"AA85B322-E593-4499-829A-CC6D70BAE884"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*","matchCriteriaId":"7E870D82-DE3B-4199-A730-C8FB545BAA98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7ACAD26E-B79E-4659-91A5-D301281F7D36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*","matchCriteriaId":"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv7209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC6C6243-E092-4903-BC20-E3B0CECBC790"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv7209:-:*:*:*:*:*:*:*","matchCriteriaId":"AAA33761-D61C-4A81-B233-5E2D50F3596F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv9209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3D693483-72F9-42B1-8EDA-8DABD537F428"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv9209:-:*:*:*:*:*:*:*","matchCriteriaId":"43F4A7D9-055D-475B-BFE4-61A86C7397F8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C4D2B46E-3996-42FD-B932-09E92C02EC8A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca9377:-:*:*:*:*:*:*:*","matchCriteriaId":"98E58C63-F253-4DCC-8A14-48FEB64B4C3D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcc710_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2A75D017-032F-4369-917C-567EE2A809F2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcc710:-:*:*:*:*:*:*:*","matchCriteriaId":"107F0423-608C-404D-B58B-616A6494418F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5AB1F0FA-25F3-4304-A3BC-5264E55CC092"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*","matchCriteriaId":"214A053F-D80C-4AD9-B4F1-83384095A3F3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F2D8044B-D4E5-4174-A0FB-478F8434EE8F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*","matchCriteriaId":"163FE96E-DF5B-4B67-8EDE-44A5B9A8492D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*","matchCriteriaId":"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AB226552-52D9-44F5-A170-35C44761A72B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*","matchCriteriaId":"FBB16DC4-CDC9-4936-9C6A-0ED8E1F6D056"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*","matchCriteriaId":"99AA0291-B822-4CAD-BA17-81B632FC3FEF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5F4362D2-30A3-4388-ABB6-293878AD7036"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6224:-:*:*:*:*:*:*:*","matchCriteriaId":"BB6AE9A7-386A-473B-9BD5-DA37B1E696C5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"88376C1D-AC4D-4EB0-AF6A-274D020F5859"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6274:-:*:*:*:*:*:*:*","matchCriteriaId":"E15BA4B4-C97F-45C0-A4AD-7E46387F19A6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9306C34D-47E4-40CF-89F4-BA5263655D13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9011:-:*:*:*:*:*:*:*","matchCriteriaId":"02BA009F-24E1-4953-BA95-2A5BC1CDBDBB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"61F34DD2-9DC0-49E5-BC85-1543EA199477"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*","matchCriteriaId":"1A06879F-6FE9-448A-8186-8347D76F872B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"93CDB7BC-89F2-4482-B8E3-9DDBD918C851"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*","matchCriteriaId":"76E03AE9-2485-449B-BCFD-3E452BB01FC6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"06789CB9-E6FA-400D-90B6-C2DB6C8EF153"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB9F22-57F2-4327-95B9-B2342A02E45E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs6690_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F8AD50C4-E725-48B8-8291-A62EF153D50A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs6690:-:*:*:*:*:*:*:*","matchCriteriaId":"4B5A7BC1-E4B1-486C-A433-D206A42A1356"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*","matchCriteriaId":"5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qdu1000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"407EE4D5-1F52-40D6-B85A-E49915D6EF2D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qdu1000:-:*:*:*:*:*:*:*","matchCriteriaId":"5846C9DD-63E5-482D-BE01-3A1E89CC0EDE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qdu1110_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7F5F9F3D-1F57-4D16-972E-AF39E438E4C3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qdu1110:-:*:*:*:*:*:*:*","matchCriteriaId":"53D6BEFE-AA21-4786-B11C-A6683AC06622"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qdu1210_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"32E0EBD5-A846-44F9-9DEC-1C6711C96A5B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qdu1210:-:*:*:*:*:*:*:*","matchCriteriaId":"C68F8102-788C-4EF3-83E4-56DF764DFFBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qdx1010_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6B7AB84B-55D0-45EB-ABA8-F69E5179507E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qdx1010:-:*:*:*:*:*:*:*","matchCriteriaId":"B908A65E-F3B2-417A-91EE-1BE855BABD2E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qdx1011_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6554B2E1-AE96-40CE-A19F-C7516CDBC41A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qdx1011:-:*:*:*:*:*:*:*","matchCriteriaId":"1991232B-B58F-481E-A7EE-0546E64C12CC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qep8111_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BEB4913D-940F-49CC-951A-9704CCEE636C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qep8111:-:*:*:*:*:*:*:*","matchCriteriaId":"4E93E1D2-4546-4D60-B53D-20CF09551766"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qfw7114_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7456782E-B6CE-42ED-A51E-39907120E28B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qfw7114:-:*:*:*:*:*:*:*","matchCriteriaId":"637BF4DF-BB40-479F-B696-6AD9D4B35D64"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qfw7124_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D72C4CE0-AB59-4652-854F-94C9998F2712"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qfw7124:-:*:*:*:*:*:*:*","matchCriteriaId":"98720774-11B8-4B4B-BC73-D4DA84E07F78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FD70F234-1EE7-4362-97F6-5AEDB7078D03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"C569A848-B70C-42EF-B6D5-4A86547586EE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F218DF06-C40A-4738-ABB5-A3FA2243EF84"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2A0CD0-66FA-45D6-BBC7-03641203EC73"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B0208F7B-A959-485E-B004-A34CB7C7C4C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"FBDAC812-4603-4D24-A861-23825E32D44E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7F6DEF72-A8FF-4B67-AA6C-5CB4AA7B35E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"00EF6875-B088-40BD-A526-C962789CDC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qrb5165m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D9CC1C8B-F642-4068-B9E3-ECE027486E45"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qrb5165m:-:*:*:*:*:*:*:*","matchCriteriaId":"A60F8378-B827-4557-B891-A8A02F8F2A25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qrb5165n_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"97BB1EB7-D194-4FE2-B4F6-A7A52F344DDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qrb5165n:-:*:*:*:*:*:*:*","matchCriteriaId":"AA2C90E7-0F3A-43BB-ABF7-63CEA7A85ADA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qru1032_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8ECC6966-23CF-4189-81B3-477A97E38B05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qru1032:-:*:*:*:*:*:*:*","matchCriteriaId":"01490429-D26C-4F80-83A4-8DC257142B86"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:dragonwing_qru100_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"20146936-42B1-4530-A9F3-8EAA108ED99C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:dragonwing_qru100:-:*:*:*:*:*:*:*","matchCriteriaId":"5EDEA060-73D7-4A58-8A10-1E2629E55E60"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:dragonwing_x100_accelerator_card_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"67C91E62-2BB2-4AF6-8DC8-84E5BDF2EBD6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:dragonwing_x100_accelerator_card:-:*:*:*:*:*:*:*","matchCriteriaId":"BEC27E86-8A33-487E-88C0-3A47EF34690A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C3607443-848D-4334-B5E4-0DC27F28509B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"2E8F00DD-C894-4236-8932-7F7FCD15D2A5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DD4946C6-778F-4542-AB77-C9B86AF25C05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"6F1D604A-4530-42B3-80A0-58A82D658DDD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc5_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"87CF9AD4-6E1B-47E8-B441-022A03858875"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc5_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"791C1E60-162D-4881-80D5-895658FEC47E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1083_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0CE74B89-5E3F-428E-8000-E3452B8B6953"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1083:-:*:*:*:*:*:*:*","matchCriteriaId":"DC11B7A6-E621-463D-B861-6B203EADFA57"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1086_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E48759CC-B751-4466-87DF-2D0AB220C0FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1086:-:*:*:*:*:*:*:*","matchCriteriaId":"E7F1C9D2-6616-4F74-85C2-1850B5C3F6BC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1093_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9A46B609-BD06-4BB7-B055-1F71C555E93D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1093:-:*:*:*:*:*:*:*","matchCriteriaId":"59598462-1E53-4F6D-BAB5-06ACEDF6CD9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1094_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8F30D66E-2802-4394-BC39-5E04711234FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1094:-:*:*:*:*:*:*:*","matchCriteriaId":"078EC383-784F-4468-B94C-AE7CC9808419"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1095_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B7B67C93-0453-4696-8F3D-0AD664922C44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1095:-:*:*:*:*:*:*:*","matchCriteriaId":"D61C46AA-9130-46A8-BD04-8B4235118B81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D957EE2B-0964-4806-A55B-D6EDE64F4B2B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"13B91E86-CBB8-4561-A983-0199B4491085"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E5BFA049-4B7C-4B94-B48B-5770E05B7486"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"6BD0F530-6F6D-4507-9A64-31DC64E601CE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1C0D8E82-3425-4605-B220-068F36A190CE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_695_5g_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"187FA325-AC3A-476B-9250-2B5B0368D28E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_7s_gen_3_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2F192BBD-6A31-47F9-B491-AF74388E0C1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_7s_gen_3_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"B6ED386B-2C8C-4D7F-BDED-6D9231C7B4A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"863BA6B8-5F2D-4D97-BBBE-EAD5B35AB3AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"2E0344CF-A15E-4734-852F-9553E780644B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_gen_3_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DA40FA0B-F9F1-48D4-B68A-ECD7241A5F39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_gen_3_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"0B00530E-070B-4832-AFF0-535D4A1A6F85"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_2_mobile_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"28D14A7F-F116-416B-A359-32D395F706D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_2_mobile:-:*:*:*:*:*:*:*","matchCriteriaId":"6B67D19B-E1B0-41A2-B122-FBA6D797F3C8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A69D9315-2233-4C4E-8651-8E32C4BA5866"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1:-:*:*:*:*:*:*:*","matchCriteriaId":"27DFA1D7-0459-401A-9E00-A5E700AC9C9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_ar1\\+_gen_1_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"688CD5F7-A570-4080-B313-E0B104363757"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_ar1\\+_gen_1:-:*:*:*:*:*:*:*","matchCriteriaId":"FC6B0413-0892-43F1-937A-CE9EC26B6C6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"88AF39A5-F44E-4B14-AA6E-4F80D9EEB017"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*","matchCriteriaId":"2A25FE8F-555A-4D85-8A94-A808B62EAE86"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EE5FCA7F-1FBE-42AA-B4E6-09CEA02A33EC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf_gen_2:-:*:*:*:*:*:*:*","matchCriteriaId":"E2D789BC-43F5-40FB-A191-163C01BA5FBE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_x32_5g_modem-rf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1D8A51B5-5115-47E5-A8B5-96B9965749C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_x32_5g_modem-rf:-:*:*:*:*:*:*:*","matchCriteriaId":"DDA76CAB-ADE3-45FA-A859-2A9E7C00746C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_x35_5g_modem-rf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7B42EAAC-230A-4901-8B3A-45EF95087109"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_x35_5g_modem-rf:-:*:*:*:*:*:*:*","matchCriteriaId":"19E8F0E4-F768-4EC4-A9C1-1291A7C79E23"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_x72_5g_modem-rf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5E674785-B392-4007-A4AE-DACF2745704F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_x72_5g_modem-rf:-:*:*:*:*:*:*:*","matchCriteriaId":"7C48D223-A41F-4D49-B526-4695DD93349A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_x75_5g_modem-rf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D82AAC94-6D8C-4EB7-ADDF-544AFCA809D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_x75_5g_modem-rf:-:*:*:*:*:*:*:*","matchCriteriaId":"6A169176-2CBF-44B6-B4C8-C93D72E6D77D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0CD199F5-DA68-4BEB-AA99-11572DA26B4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"8ACA2D4D-FC77-4C1A-8278-1C27B3EA3303"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4B29E7F-8BFE-466A-B357-63F8A2160C4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"6D55CC7D-2E65-4CA9-9892-B6FBCC087E6F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*","matchCriteriaId":"7B8455D6-287D-4934-8E4D-F4127A9C0449"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DB599A9F-0305-4FE4-8623-0F86630FEDCB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*","matchCriteriaId":"EEB883BF-68B2-4C25-84DC-5DA953BFAA2F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"568C5B08-AC42-48D3-8029-A65689EEBE75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2330p:-:*:*:*:*:*:*:*","matchCriteriaId":"56DD2B49-0A36-443C-BECB-4115E271A415"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2350p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA54D269-A94D-47CB-B3F1-7B163E453A67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2350p:-:*:*:*:*:*:*:*","matchCriteriaId":"F1D79422-1EA3-459A-8C4A-8A0FBE386036"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9335_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"28717583-463A-468A-8073-ECF0F90585F6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9335:-:*:*:*:*:*:*:*","matchCriteriaId":"4D1A7188-7D5D-4D46-AEAB-08BA84FFF539"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*","matchCriteriaId":"94D2BDF1-764C-48BA-8944-3275E8768078"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2503805B-B2A6-4AEE-8AB1-2B8A040702BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*","matchCriteriaId":"D3AD370C-2ED0-43CF-83D9-50DC92A01CA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFDBB5B-0A4F-4032-874F-D2A7EF933FB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*","matchCriteriaId":"D28A12D6-CC60-4BE9-ADEE-FAB58B05440F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"896F1C04-9957-440F-BF01-C3772CC3B3DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*","matchCriteriaId":"A90555EB-47A7-4717-92D5-35B561825F06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"699056F6-1517-4F25-AE07-4FFCF6923B9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*","matchCriteriaId":"E4C023D2-6FF5-4FFC-B9F2-895979166580"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9F0D7B24-D567-479A-B4F1-595FAA053418"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*","matchCriteriaId":"33A8FAA1-F824-4561-9CCC-7F0DF12F740F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*","matchCriteriaId":"120E8F0F-EBEB-4565-9927-2D473F783EF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9C6E9038-9B18-4958-BE1E-215901C9B4B2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*","matchCriteriaId":"B36D3274-F8D0-49C5-A6D5-95F5DC6D1950"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4BFB25F-013B-48E3-99FF-3E8687F94423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*","matchCriteriaId":"BF676C5B-838B-446C-A689-6A25AB8A87E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FAFC9FA-E6EF-44C5-BD50-2824C7711541"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6450:-:*:*:*:*:*:*:*","matchCriteriaId":"6F895CDD-F9BB-45AD-AE60-71F4549114A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"93398092-AF7C-4F04-874C-7E5B4CF7AB00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*","matchCriteriaId":"7D242084-5844-4E43-8D7F-D2F8E3521F0C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2BC386D9-3D2B-40FA-A2D9-199BB138F46A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*","matchCriteriaId":"133FFD9F-FA09-4801-939B-AD1D507BE5FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2EB8794F-7998-424E-AF68-E4A4F9310F65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*","matchCriteriaId":"799D69CE-3FCC-4B19-8B00-9AF38111D983"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"57608D47-894C-4895-B4B3-4733D55D57DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*","matchCriteriaId":"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-31976","sourceIdentifier":"psirt@hcl.com","published":"2026-05-06T15:16:06.100","lastModified":"2026-06-29T14:59:19.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to potentially misuse them, if exfiltrated.  ."}],"affected":[{"source":"psirt@hcl.com","affectedData":[{"vendor":"HCL Software","product":"BigFix Service Management (SM)","defaultStatus":"unaffected","versions":[{"version":"23","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-06T14:47:03.663904Z","id":"CVE-2025-31976","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@hcl.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*","matchCriteriaId":"4D915AC1-7C2B-497D-9A77-9726954B2282"}]}]}],"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144","source":"psirt@hcl.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-31978","sourceIdentifier":"psirt@hcl.com","published":"2026-05-06T15:16:06.207","lastModified":"2026-06-29T14:59:22.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) before processing or distributing them. An attacker could populate data fields which, when saved to a CSV file, may attempt information exfiltration or other malicious activity when automatically executed by the spreadsheet software. Note that current versions of Excel warn users of untrusted content."}],"affected":[{"source":"psirt@hcl.com","affectedData":[{"vendor":"HCL Software","product":"BigFix Service Management (SM)","defaultStatus":"unaffected","versions":[{"version":"23","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-06T14:47:28.324166Z","id":"CVE-2025-31978","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@hcl.com","type":"Secondary","description":[{"lang":"en","value":"CWE-201"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*","matchCriteriaId":"4D915AC1-7C2B-497D-9A77-9726954B2282"}]}]}],"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144","source":"psirt@hcl.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20169","sourceIdentifier":"psirt@cisco.com","published":"2026-05-06T17:16:20.743","lastModified":"2026-06-29T17:28:14.693","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router.\r\n\r\nThis vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by submitting crafted input in the web-based management interface. A successful exploit could allow the attacker to create, read, or delete files and execute limited commands in&nbsp;user EXEC mode on a remote router."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco IoT Field Network Director (IoT-FND)","defaultStatus":"unknown","versions":[{"version":"4.5.1","status":"affected"},{"version":"4.4.3","status":"affected"},{"version":"4.1.0","status":"affected"},{"version":"4.1.3","status":"affected"},{"version":"4.6.1","status":"affected"},{"version":"4.1.1","status":"affected"},{"version":"4.4.0","status":"affected"},{"version":"4.2.0","status":"affected"},{"version":"4.4.2","status":"affected"},{"version":"4.3.0","status":"affected"},{"version":"4.6.0","status":"affected"},{"version":"4.4.4","status":"affected"},{"version":"4.3.2","status":"affected"},{"version":"4.1.2","status":"affected"},{"version":"4.4.1","status":"affected"},{"version":"4.5.0","status":"affected"},{"version":"4.3.1","status":"affected"},{"version":"4.7.0","status":"affected"},{"version":"4.6.2","status":"affected"},{"version":"4.7.1","status":"affected"},{"version":"4.7.2","status":"affected"},{"version":"4.8.0","status":"affected"},{"version":"4.8.1","status":"affected"},{"version":"4.9.0","status":"affected"},{"version":"4.9.1","status":"affected"},{"version":"4.10.0","status":"affected"},{"version":"4.9.2","status":"affected"},{"version":"4.11.0","status":"affected"},{"version":"4.12.0","status":"affected"},{"version":"4.12.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-06T17:26:38.558371Z","id":"CVE-2026-20169","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:iot_field_network_director:*:*:*:*:*:*:*:*","versionEndExcluding":"5.0.0-117","matchCriteriaId":"AFAEB500-F901-497A-8E7A-13F350338E83"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20189","sourceIdentifier":"psirt@cisco.com","published":"2026-05-06T17:16:21.360","lastModified":"2026-06-29T16:53:33.077","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an&nbsp;authenticated, remote attacker to download arbitrary log files from the server.\r\n\r\nThis vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit this vulnerability by submitting a crafted URL request to an affected device. A successful exploit could allow the attacker to download sensitive log files that they would otherwise not have authorization to access.\r\nTo exploit this vulnerability, the attacker must have valid credentials to access the web-based management interface of the affected device."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Prime Infrastructure","defaultStatus":"unknown","versions":[{"version":"3.6.0","status":"affected"},{"version":"3.7.0","status":"affected"},{"version":"3.4.0","status":"affected"},{"version":"3.3.0","status":"affected"},{"version":"3.5.0","status":"affected"},{"version":"3.2.0-FIPS","status":"affected"},{"version":"3.8.0-FED","status":"affected"},{"version":"3.9.0","status":"affected"},{"version":"3.8.0","status":"affected"},{"version":"3.10.0","status":"affected"},{"version":"3.9.1","status":"affected"},{"version":"3.8.1","status":"affected"},{"version":"3.7.1","status":"affected"},{"version":"3.5.1","status":"affected"},{"version":"3.4.2","status":"affected"},{"version":"3.3.1","status":"affected"},{"version":"3.2.1","status":"affected"},{"version":"3.2.2","status":"affected"},{"version":"3.4.1","status":"affected"},{"version":"3.10.2","status":"affected"},{"version":"3.10.3","status":"affected"},{"version":"3.10","status":"affected"},{"version":"3.10.1","status":"affected"},{"version":"3.7.1 Update 03","status":"affected"},{"version":"3.7.1 Update 04","status":"affected"},{"version":"3.7.1 Update 06","status":"affected"},{"version":"3.7.1 Update 07","status":"affected"},{"version":"3.8.1 Update 01","status":"affected"},{"version":"3.8.1 Update 02","status":"affected"},{"version":"3.8.1 Update 03","status":"affected"},{"version":"3.8.1 Update 04","status":"affected"},{"version":"3.9.1 Update 01","status":"affected"},{"version":"3.9.1 Update 02","status":"affected"},{"version":"3.9.1 Update 03","status":"affected"},{"version":"3.9.1 Update 04","status":"affected"},{"version":"3.10 Update 01","status":"affected"},{"version":"3.4.2 Update 01","status":"affected"},{"version":"3.6.0 Update 04","status":"affected"},{"version":"3.6.0 Update 02","status":"affected"},{"version":"3.6.0 Update 03","status":"affected"},{"version":"3.6.0 Update 01","status":"affected"},{"version":"3.5.1 Update 03","status":"affected"},{"version":"3.5.1 Update 01","status":"affected"},{"version":"3.5.1 Update 02","status":"affected"},{"version":"3.7.0 Update 03","status":"affected"},{"version":"3.8.0 Update 01","status":"affected"},{"version":"3.8.0 Update 02","status":"affected"},{"version":"3.7.1 Update 01","status":"affected"},{"version":"3.7.1 Update 02","status":"affected"},{"version":"3.7.1 Update 05","status":"affected"},{"version":"3.9.0 Update 01","status":"affected"},{"version":"3.3.0 Update 01","status":"affected"},{"version":"3.4.1 Update 02","status":"affected"},{"version":"3.4.1 Update 01","status":"affected"},{"version":"3.5.0 Update 03","status":"affected"},{"version":"3.5.0 Update 01","status":"affected"},{"version":"3.5.0 Update 02","status":"affected"},{"version":"3.10.4","status":"affected"},{"version":"3.10.4 Update 01","status":"affected"},{"version":"3.10.4 Update 02","status":"affected"},{"version":"3.10.4 Update 03","status":"affected"},{"version":"3.10.5","status":"affected"},{"version":"3.10.6","status":"affected"},{"version":"3.10.6 Update 01","status":"affected"},{"version":"3.10.6 Update 02","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-06T17:46:03.705407Z","id":"CVE-2026-20189","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:*:*:*:*:*:*:*:*","versionEndExcluding":"3.10.6","matchCriteriaId":"C6DE6377-FFFC-439B-95D0-5EC54C215018"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:3.10.6:-:*:*:*:*:*:*","matchCriteriaId":"94273457-DA21-40F8-B8E8-A6DA0F5A8300"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:3.10.6:security_update_01:*:*:*:*:*:*","matchCriteriaId":"3A33A68B-7264-44F1-AF87-992FBA582FA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:prime_infrastructure:3.10.6:security_update_02:*:*:*:*:*:*","matchCriteriaId":"117F3992-534F-44F7-82CF-1707C17508BF"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-unauth-infodiscl-LFnLgmey","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20195","sourceIdentifier":"psirt@cisco.com","published":"2026-05-06T17:16:21.630","lastModified":"2026-06-29T15:27:17.027","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device.\r\n\r\nThis vulnerability exists because error messages are observed when the affected API endpoint is called. An attacker could exploit this vulnerability by sending a series of crafted requests to the affected endpoint and analyzing the differentiated responses. A successful exploit could allow the attacker to compile a list of valid usernames on an affected system."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Identity Services Engine Software","defaultStatus":"unknown","versions":[{"version":"3.3.0","status":"affected"},{"version":"3.3 Patch 2","status":"affected"},{"version":"3.3 Patch 1","status":"affected"},{"version":"3.3 Patch 3","status":"affected"},{"version":"3.4.0","status":"affected"},{"version":"3.3 Patch 4","status":"affected"},{"version":"3.4 Patch 1","status":"affected"},{"version":"3.3 Patch 5","status":"affected"},{"version":"3.3 Patch 6","status":"affected"},{"version":"3.4 Patch 2","status":"affected"},{"version":"3.3 Patch 7","status":"affected"},{"version":"3.4 Patch 3","status":"affected"},{"version":"3.5.0","status":"affected"},{"version":"3.4 Patch 4","status":"affected"},{"version":"3.3 Patch 8","status":"affected"},{"version":"3.5 Patch 1","status":"affected"},{"version":"3.3 Patch 9","status":"affected"},{"version":"3.4 Patch 5","status":"affected"},{"version":"3.5 Patch 3","status":"affected"},{"version":"3.5 Patch 2","status":"affected"},{"version":"3.3 Patch 10","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-06T17:34:47.638851Z","id":"CVE-2026-20195","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-204"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*","versionEndIncluding":"3.2.0","matchCriteriaId":"1F8D9766-8462-48B6-A997-EEF549569786"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*","matchCriteriaId":"F1B9C2C1-59A4-49A0-9B74-83CCB063E55D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*","matchCriteriaId":"DFD29A0B-0D75-4EAB-BCE0-79450EC75DD0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch10:*:*:*:*:*:*","matchCriteriaId":"43F3A55D-D4FC-4D93-9513-94B64B21A2B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*","matchCriteriaId":"E6C94CC4-CC08-4DAF-A606-FDAFC92720A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:*:*:*:*:*:*","matchCriteriaId":"BB069EA3-7B8C-42B5-8035-2EE5ED3F56E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:*:*:*:*:*:*","matchCriteriaId":"FF8B81A6-BF44-4E5F-B167-39F61DDCA026"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:*:*:*:*:*:*","matchCriteriaId":"56E0F0EC-3E66-4866-89F5-89B331F3F517"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:*:*:*:*:*:*","matchCriteriaId":"2E3E8937-2859-4A2A-91C0-05F674EF0466"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch7:*:*:*:*:*:*","matchCriteriaId":"D4B14684-EB9E-405B-85FA-B62E57CB292C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch8:*:*:*:*:*:*","matchCriteriaId":"22B752D1-9E8F-4FB7-8EEB-F9234492372B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch9:*:*:*:*:*:*","matchCriteriaId":"85A1CC7D-FE54-4AC0-B98F-972C4B1F3189"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*","matchCriteriaId":"D23905E0-E525-49B1-8E5F-4EB42D186768"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*","matchCriteriaId":"74509498-38EF-4345-9583-CEF5C26CA1D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch2:*:*:*:*:*:*","matchCriteriaId":"CD05FF93-7B8C-4283-9DB7-E03FE98FAADF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch3:*:*:*:*:*:*","matchCriteriaId":"0F9B6A8E-E773-44A3-9266-878F0C58EB41"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch4:*:*:*:*:*:*","matchCriteriaId":"D3727619-E0CA-4CA9-BE35-0C732BCF1741"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch5:*:*:*:*:*:*","matchCriteriaId":"2CFB7565-3930-409C-B5DB-CE77E6ED7C42"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.5.0:-:*:*:*:*:*:*","matchCriteriaId":"2610FD35-BC4B-41B7-9C92-E6E5264FEE54"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.5.0:patch1:*:*:*:*:*:*","matchCriteriaId":"3FEE4377-B238-4442-9892-28CECFB2319E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.5.0:patch2:*:*:*:*:*:*","matchCriteriaId":"6598563B-7E32-43FB-96A7-88C53E4CE226"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42208","sourceIdentifier":"security-advisories@github.com","published":"2026-05-08T04:16:19.923","lastModified":"2026-06-29T17:18:29.820","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An unauthenticated attacker could send a specially crafted Authorization header to any LLM API route (for example POST /chat/completions) and reach this query through the proxy's error-handling path. An attacker could read data from the proxy's database and may be able to modify it, leading to unauthorised access to the proxy and the credentials it manages. This issue has been patched in version 1.83.7."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"BerriAI","product":"litellm","versions":[{"version":">= 1.81.16, < 1.83.7","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Lightspeed Core","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:lightspeed_core"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-08T00:00:00+00:00","id":"CVE-2026-42208","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2026-05-08","cisaActionDue":"2026-05-11","cisaRequiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"BerriAI LiteLLM SQL Injection Vulnerability","weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*","versionStartIncluding":"1.81.16","versionEndExcluding":"1.83.7","matchCriteriaId":"3A3CA0FD-F124-4495-A36B-96BB1A2AE4E5"}]}]}],"references":[{"url":"https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-r75f-5x8p-qvmc","source":"security-advisories@github.com","tags":["Mitigation","Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-42208","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463965","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Mitigation","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42208.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-42208","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2025-40947","sourceIdentifier":"productcert@siemens.com","published":"2026-05-12T10:16:43.053","lastModified":"2026-06-29T14:08:53.560","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All versions < V2.17.1), RUGGEDCOM ROX RX1524 (All versions < V2.17.1), RUGGEDCOM ROX RX1536 (All versions < V2.17.1), RUGGEDCOM ROX RX5000 (All versions < V2.17.1). Affected devices do not properly sanitize user-supplied input during the feature key installation process.\r\n\r\nThis could allow an authenticated remote attacker to inject arbitrary commands, resulting in remote code execution with root privileges on the underlying operating system."}],"affected":[{"source":"productcert@siemens.com","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000RE","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1400","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1500","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1501","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1510","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1511","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1512","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1524","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1536","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-12T12:45:22.982292Z","id":"CVE-2025-40947","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"8E959933-E882-45F7-AFE6-2A14DBD33D49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*","matchCriteriaId":"DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"B55E56C2-C306-4CD8-AB16-83E174A95BBC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*","matchCriteriaId":"38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"1490D50D-0645-4822-9900-96FF59CA77C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*","matchCriteriaId":"12BD4008-DB6A-4749-A426-D2DE44819A9D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"95CD33F1-67A5-432E-8260-D9EF05527134"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*","matchCriteriaId":"3E79B422-C844-411C-AA49-CFD73D3C6E2D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"16EC7E53-11E3-4969-AE51-39E9E7727684"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*","matchCriteriaId":"53AAEC5C-06EE-4C58-A981-EBF5860CEF16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"0A6F6F6C-6265-4852-A682-99854378665B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*","matchCriteriaId":"0751225A-6E9C-4281-93A4-A048920FF7C6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"D319D2D6-022E-4076-9C65-DF4D2FCF4C0D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*","matchCriteriaId":"8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"C2D73C42-CAC0-4023-88E2-321AC600DFA2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*","matchCriteriaId":"41ADD701-AD49-46B2-A12E-219CCED32298"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"C21E1791-E434-4083-A19F-F304E44C4FD7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*","matchCriteriaId":"F8C70D90-E8FA-4343-9027-152A99D79C82"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"C091E8A8-B401-40B4-BABF-C9C22FAF63EE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*","matchCriteriaId":"C1775F3B-6F47-4134-8B4E-CF6337FF546C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"F2E21053-160B-429A-A536-B6C2718DC3A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*","matchCriteriaId":"1E0E33F2-E89B-4008-BED2-CF2296801078"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-078743.html","source":"productcert@siemens.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-40948","sourceIdentifier":"productcert@siemens.com","published":"2026-05-12T10:16:43.203","lastModified":"2026-06-29T14:08:43.643","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All versions < V2.17.1), RUGGEDCOM ROX RX1524 (All versions < V2.17.1), RUGGEDCOM ROX RX1536 (All versions < V2.17.1), RUGGEDCOM ROX RX5000 (All versions < V2.17.1). Affected devices do not properly validate input in the web server's JSON-RPC interface.\r\n\r\nThis could allow an authenticated remote attacker to read arbitrary files from the underlying operating system's filesystem with root privileges."}],"affected":[{"source":"productcert@siemens.com","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000RE","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1400","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1500","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1501","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1510","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1511","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1512","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1524","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1536","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-12T12:43:17.469738Z","id":"CVE-2025-40948","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"8E959933-E882-45F7-AFE6-2A14DBD33D49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*","matchCriteriaId":"DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"B55E56C2-C306-4CD8-AB16-83E174A95BBC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*","matchCriteriaId":"38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"1490D50D-0645-4822-9900-96FF59CA77C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*","matchCriteriaId":"12BD4008-DB6A-4749-A426-D2DE44819A9D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"95CD33F1-67A5-432E-8260-D9EF05527134"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*","matchCriteriaId":"3E79B422-C844-411C-AA49-CFD73D3C6E2D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"16EC7E53-11E3-4969-AE51-39E9E7727684"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*","matchCriteriaId":"53AAEC5C-06EE-4C58-A981-EBF5860CEF16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"0A6F6F6C-6265-4852-A682-99854378665B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*","matchCriteriaId":"0751225A-6E9C-4281-93A4-A048920FF7C6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"D319D2D6-022E-4076-9C65-DF4D2FCF4C0D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*","matchCriteriaId":"8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"C2D73C42-CAC0-4023-88E2-321AC600DFA2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*","matchCriteriaId":"41ADD701-AD49-46B2-A12E-219CCED32298"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"C21E1791-E434-4083-A19F-F304E44C4FD7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*","matchCriteriaId":"F8C70D90-E8FA-4343-9027-152A99D79C82"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"C091E8A8-B401-40B4-BABF-C9C22FAF63EE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*","matchCriteriaId":"C1775F3B-6F47-4134-8B4E-CF6337FF546C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"F2E21053-160B-429A-A536-B6C2718DC3A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*","matchCriteriaId":"1E0E33F2-E89B-4008-BED2-CF2296801078"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-973901.html","source":"productcert@siemens.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-40949","sourceIdentifier":"productcert@siemens.com","published":"2026-05-12T10:16:43.360","lastModified":"2026-06-29T14:08:26.717","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All versions < V2.17.1), RUGGEDCOM ROX RX1524 (All versions < V2.17.1), RUGGEDCOM ROX RX1536 (All versions < V2.17.1), RUGGEDCOM ROX RX5000 (All versions < V2.17.1). Affected devices do not properly sanitize user-supplied input in the Scheduler functionality of the Web UI, allowing commands to be injected into the task scheduling backend.\r\n\r\nThis could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system."}],"affected":[{"source":"productcert@siemens.com","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX MX5000RE","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1400","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1500","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1501","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1510","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1511","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1512","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1524","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX1536","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]},{"vendor":"Siemens","product":"RUGGEDCOM ROX RX5000","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V2.17.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.9,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T01:40:45.667682Z","id":"CVE-2025-40949","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_mx5000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"8E959933-E882-45F7-AFE6-2A14DBD33D49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_mx5000:-:*:*:*:*:*:*:*","matchCriteriaId":"DAD1B18F-9C37-48CC-92E2-9C5E66B206CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_mx5000re_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"B55E56C2-C306-4CD8-AB16-83E174A95BBC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_mx5000re:-:*:*:*:*:*:*:*","matchCriteriaId":"38734DFA-A5DF-4284-BD79-7C0ED6CD8A5C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1400_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"1490D50D-0645-4822-9900-96FF59CA77C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1400:-:*:*:*:*:*:*:*","matchCriteriaId":"12BD4008-DB6A-4749-A426-D2DE44819A9D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"95CD33F1-67A5-432E-8260-D9EF05527134"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1500:-:*:*:*:*:*:*:*","matchCriteriaId":"3E79B422-C844-411C-AA49-CFD73D3C6E2D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1501_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"16EC7E53-11E3-4969-AE51-39E9E7727684"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1501:-:*:*:*:*:*:*:*","matchCriteriaId":"53AAEC5C-06EE-4C58-A981-EBF5860CEF16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1510_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"0A6F6F6C-6265-4852-A682-99854378665B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1510:-:*:*:*:*:*:*:*","matchCriteriaId":"0751225A-6E9C-4281-93A4-A048920FF7C6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1511_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"D319D2D6-022E-4076-9C65-DF4D2FCF4C0D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1511:-:*:*:*:*:*:*:*","matchCriteriaId":"8C1E56ED-1E61-4B7E-8EC0-BB2AAD57EF7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1512_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"C2D73C42-CAC0-4023-88E2-321AC600DFA2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1512:-:*:*:*:*:*:*:*","matchCriteriaId":"41ADD701-AD49-46B2-A12E-219CCED32298"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1524_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"2.17.1","matchCriteriaId":"5610C6DA-BA23-4FC7-857C-2D2AF4C1E7A2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1524:-:*:*:*:*:*:*:*","matchCriteriaId":"F8C70D90-E8FA-4343-9027-152A99D79C82"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx1536_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"C091E8A8-B401-40B4-BABF-C9C22FAF63EE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx1536:-:*:*:*:*:*:*:*","matchCriteriaId":"C1775F3B-6F47-4134-8B4E-CF6337FF546C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:ruggedcom_rox_rx5000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.17.1","matchCriteriaId":"F2E21053-160B-429A-A536-B6C2718DC3A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:ruggedcom_rox_rx5000:-:*:*:*:*:*:*:*","matchCriteriaId":"1E0E33F2-E89B-4008-BED2-CF2296801078"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-081142.html","source":"productcert@siemens.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-22924","sourceIdentifier":"productcert@siemens.com","published":"2026-05-12T10:16:43.917","lastModified":"2026-06-29T14:06:00.157","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions.\r\nThis could allow an attacker to disrupt normal operations or perform unauthorized actions, potentially impacting system availability and integrity."}],"affected":[{"source":"productcert@siemens.com","affectedData":[{"vendor":"Siemens","product":"SIMATIC CN 4100","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V5.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T01:40:31.029305Z","id":"CVE-2026-22924","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:simatic_cn_4100_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.0","matchCriteriaId":"AA9D4F6E-9336-4026-B485-4227C861B356"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:simatic_cn_4100:-:*:*:*:*:*:*:*","matchCriteriaId":"92619F5F-3679-4424-9455-3285FF1EF2F1"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-032379.html","source":"productcert@siemens.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-22925","sourceIdentifier":"productcert@siemens.com","published":"2026-05-12T10:16:44.057","lastModified":"2026-06-29T14:05:43.480","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application is susceptible to resource exhaustion when subjected to high volume of TCP SYN packets\r\nThis could allow an attacker to render the service unavailable and cause denial-of-service conditions by overwhelming system resources."}],"affected":[{"source":"productcert@siemens.com","affectedData":[{"vendor":"Siemens","product":"SIMATIC CN 4100","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V5.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-12T13:27:07.360737Z","id":"CVE-2026-22925","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:siemens:simatic_cn_4100_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.0","matchCriteriaId":"AA9D4F6E-9336-4026-B485-4227C861B356"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:siemens:simatic_cn_4100:-:*:*:*:*:*:*:*","matchCriteriaId":"92619F5F-3679-4424-9455-3285FF1EF2F1"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-032379.html","source":"productcert@siemens.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44411","sourceIdentifier":"productcert@siemens.com","published":"2026-05-12T10:16:46.430","lastModified":"2026-06-29T14:03:20.867","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process."}],"affected":[{"source":"productcert@siemens.com","affectedData":[{"vendor":"Siemens","product":"Solid Edge SE2026","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V226.0 Update 5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"productcert@siemens.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-12T12:36:53.458325Z","id":"CVE-2026-44411","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"productcert@siemens.com","type":"Secondary","description":[{"lang":"en","value":"CWE-824"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:*:*:*:*:*:*:*:*","versionEndExcluding":"226.0","matchCriteriaId":"F53A6649-7B50-49A8-AD11-664016B43B17"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:226.0:-:*:*:*:*:*:*","matchCriteriaId":"6D5CA617-C738-465A-B941-11596360BFC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:226.0:update_1:*:*:*:*:*:*","matchCriteriaId":"921642C9-2C52-4D93-90B8-EE8D8A476061"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:226.0:update_2:*:*:*:*:*:*","matchCriteriaId":"26D68AD5-3349-4529-8369-FB644E5A4F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:226.0:update_3:*:*:*:*:*:*","matchCriteriaId":"E8B0DA87-5FBF-46EA-9016-5197FE479B3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:siemens:solid_edge_se2026:226.0:update_4:*:*:*:*:*:*","matchCriteriaId":"98C96C79-CBDA-4021-BB7F-C7756D034A8C"}]}]}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-921111.html","source":"productcert@siemens.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-34662","sourceIdentifier":"psirt@adobe.com","published":"2026-05-12T18:17:11.123","lastModified":"2026-06-29T14:20:07.553","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"Illustrator","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"30.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-12T20:12:51.891433Z","id":"CVE-2026-34662","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*","versionStartIncluding":"29.0","versionEndExcluding":"29.8.7","matchCriteriaId":"56AE3CDD-A779-4A9D-A50B-C956B3311FB3"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*","versionStartIncluding":"30.0","versionEndExcluding":"30.4","matchCriteriaId":"2B1BBF11-4ED3-463B-A870-05A929AFAFFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/illustrator/apsb26-51.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20916","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:36.210","lastModified":"2026-06-29T18:01:34.777","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system.\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IQ","defaultStatus":"unknown","versions":[{"version":"8.4.0","lessThan":"8.4.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:59:35.520147Z","id":"CVE-2026-20916","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-iq_centralized_management:8.4.0:*:*:*:*:*:*:*","matchCriteriaId":"27F94743-333B-4CD8-94C8-EADCB3F94365"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000158029","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-24464","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:36.997","lastModified":"2026-06-29T18:00:40.077","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When running in Appliance mode, a directory traversal vulnerability exists in an undisclosed iControl REST endpoint that may allow an authenticated attacker with administrator role privileges to cross a security boundary and delete files.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:57:24.076951Z","id":"CVE-2026-24464","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-35"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160911","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-28758","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:37.137","lastModified":"2026-06-29T17:58:57.223","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When BIG-IP DNS is provisioned, a vulnerability exists in the gtm_add and bigip_add iControl REST commands that return the ssh-password parameter in cleartext in the iControl REST response and is also logged in the audit log. This may allow a highly privileged, authenticated attacker with access to the audit log to view sensitive information.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated"}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["DNS"],"versions":[{"version":"21.0.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T16:01:07.059526Z","id":"CVE-2026-28758","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndExcluding":"17.1.3.1","matchCriteriaId":"100CEE47-7F09-48AF-A3BD-734E6E987790"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000158070","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-32643","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:39.213","lastModified":"2026-06-29T14:14:14.833","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"BIG-IQ","defaultStatus":"unaffected","versions":[{"version":"8.4.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-32643","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-250"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0","versionEndIncluding":"8.4.1","matchCriteriaId":"54662042-8E2F-4192-BFEB-F61EDD61B02D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160972","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-32673","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:39.380","lastModified":"2026-06-29T14:14:21.017","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In appliance mode deployments, a successful exploit can allow the attacker to cross a security boundary.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-32673","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-250"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.","versionEndIncluding":"17.1.3","matchCriteriaId":"A59C1632-2F53-4E62-A493-30A7AB8845A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000161040","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-34019","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:39.680","lastModified":"2026-06-29T14:14:54.900","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When Bidirectional Forwarding Detection (BFD) is configured in Static and Dynamic routing protocols, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to stop processing BFD packets and cause the configured routing protocol to fail over.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.0.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"17.5.0","lessThan":"17.5.1","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T16:00:14.700470Z","id":"CVE-2026-34019","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-410"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"9DE3A941-B898-4EAB-9073-C6A312E59FC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"369D38E2-62B5-47C4-B606-7A2DD866133C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"17A4C2F1-F33F-497D-BFEC-F54821FFFF63"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"AA4C7292-62F1-4C37-BDA6-504D49CEE18E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"9DE0E36D-4531-4A08-8ED0-07555E2060E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"03D43E1A-B542-4C95-ABEF-1DFE82D55513"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"6F24EEB1-D418-453B-9843-658D3DBF8BA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"9377E6E2-773B-46A6-B83A-2A4D2A7B2726"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"00A71032-320F-4069-95DC-C0DB3F46FC3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"8279C05F-E490-4E9C-B63B-DDF85A21085D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"CFAB244B-6D1C-40D1-996C-EEAF9132E0AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"3F78E5C4-6687-4C78-88FA-0F6BD878859E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"F47B9378-D11E-407D-9CFB-CF0C12631F5A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"4CF3886C-5AD1-42BD-997D-5EA56EBE035E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"132EDDA2-C6ED-40D8-A72B-510D47CE069B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"84C4D215-F31E-490A-9286-23C539C6043A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"4487BDEE-2947-4679-BF97-0C3AE7836042"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"8A59E095-32B6-4674-8684-372C55907391"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"1BA156E3-804D-4734-AF6B-2D00867A4958"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"2B118F97-D7B0-478E-9490-B39BA32F9417"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"A2DF635B-C864-4237-B4A0-A6B7D76F85EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"980AB53F-31BB-4CBC-A5EA-ECE3991AFB60"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"01B86DA2-80E2-48FE-B7E7-24D0B655D919"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"2F3789D9-9153-4A32-B7AF-060109ACA2B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"25025541-6B31-445E-B937-9B1A0822E764"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"E631EA9E-D1EC-460A-8389-E735F2D82397"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"AEF987F5-A041-4B06-B463-53620C695055"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"6B3A8A88-9266-4041-ABB0-080AA652EF1A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"9368AAB1-6D48-4FFF-855F-A4B18A6255A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"DEDE487F-FC3E-4228-B151-117A215D8A90"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"26BEF514-40A1-4D0C-8485-D385AB84DDB3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"93FAD2D6-DF19-40B7-90F8-102D3FE5CA57"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"033C2053-9C54-4E40-AD09-6E3D4615ABDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"6EA4CEF4-BFAF-4E5B-8457-1B0D327BE69A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"8AFBC73D-276D-4BE7-B370-1C73C3CCD9E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"33EC429B-1C44-4720-82AD-7D4AABC8FE9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"A7884718-C734-4CB1-81D3-F1B84CFD265C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"29BF7E7D-7E43-4937-9F68-3F9448590D72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"39F5D48A-83CE-479C-87D3-91A20BC70EFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"A0C072D2-5850-48F4-8B8A-661F04E43BBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.2","matchCriteriaId":"6596F623-C230-4689-AFB5-434FF18E66E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:17.5.0:*:*:*:*:*:*:*","matchCriteriaId":"3C6A7500-3854-4BE1-A248-191CEC151DE2"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000150508","source":"f5sirt@f5.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-34176","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:39.813","lastModified":"2026-06-29T17:45:19.987","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary.  \n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-34176","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160857","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-35062","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:40.400","lastModified":"2026-06-29T17:27:55.533","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated iControl SOAP user may be able to obtain information of other accounts. \n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.1","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T16:01:55.758956Z","id":"CVE-2026-35062","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000159021","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-39455","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:41.090","lastModified":"2026-06-29T14:15:01.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T16:02:47.984687Z","id":"CVE-2026-39455","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-772"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160874","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-39458","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:41.223","lastModified":"2026-06-29T14:15:06.287","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When a BIG-IP DNS profile enabled with DNS cache is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:57:30.714703Z","id":"CVE-2026-39458","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-824"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160945","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-39459","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:41.380","lastModified":"2026-06-29T17:26:04.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in iControl REST and the TMOS Shell (tmsh) where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that allow running arbitrary commands.\n\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-39459","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-272"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160863","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40060","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:42.143","lastModified":"2026-06-29T14:15:34.097","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When a BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. \n\n \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["Advanced WAF"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T16:02:39.431474Z","id":"CVE-2026-40060","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-252"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160727","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40061","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:42.283","lastModified":"2026-06-29T17:23:27.130","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary system commands with higher privileges. In Appliance mode deployments, a successful exploit can allow the attacker to cross a security boundary.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-40061","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160788","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40067","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:42.427","lastModified":"2026-06-29T14:15:55.000","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the apmd process to terminate.\n\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["APM"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:59:53.282188Z","id":"CVE-2026-40067","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000161056","source":"f5sirt@f5.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40423","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:42.560","lastModified":"2026-06-29T14:16:21.740","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When a SIP profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.\n\n Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:56:17.084850Z","id":"CVE-2026-40423","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000161023","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40435","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:42.697","lastModified":"2026-06-29T14:16:31.830","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When configured, IP-based access restrictions for httpd do not cover all endpoints, which may allow connections from blocked addresses.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.0.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T16:00:56.205672Z","id":"CVE-2026-40435","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-420"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000156604","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40460","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:42.823","lastModified":"2026-06-29T14:17:01.230","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass of authorization or bypass of rate limiting.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"NGINX Plus","defaultStatus":"unknown","modules":["ngx_quic_module"],"versions":[{"version":"R37","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"R36","lessThan":"R36 P4","versionType":"custom","status":"affected"},{"version":"R32","lessThan":"R32 P6","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"NGINX Open Source","defaultStatus":"unaffected","modules":["ngx_quic_module"],"versions":[{"version":"1.31.0","lessThan":"*","versionType":"semver","status":"unaffected"},{"version":"1.26.0","lessThan":"1.30.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:54:59.053463Z","id":"CVE-2026-40460","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:dos:*:*:*:*:*:nginx:*:*","versionStartIncluding":"4.3.0","versionEndIncluding":"4.7.0","matchCriteriaId":"0772572C-26F9-4FA4-B9E6-BA40ED59F569"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:dos:4.8.0:*:*:*:*:nginx:*:*","matchCriteriaId":"C45452BD-7A86-48E7-8E1D-1B340FF70B3B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.0","versionEndIncluding":"1.6.2","matchCriteriaId":"15B7F1FD-0C49-460F-9CB8-23DA730EC4BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.6.0","matchCriteriaId":"0A6AA23F-A7A1-43DE-AD67-0EB1249143A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.0","versionEndIncluding":"3.7.2","matchCriteriaId":"10D5B143-4C1E-4626-8B49-3EA7160E9256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.0.1","matchCriteriaId":"73A1CDBB-49F6-4AB6-AA67-542FD8017D6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndIncluding":"5.4.2","matchCriteriaId":"607EEFA3-BE2A-4660-8C67-E6FC9799325F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_instance_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"2.16.0","versionEndIncluding":"2.22.0","matchCriteriaId":"CBC31553-99DE-4155-A8E5-13A84FCCB610"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"1.25.0","versionEndIncluding":"1.30.0","matchCriteriaId":"2D0CD5D1-FBBF-4E91-9FBA-DF7824383B9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*","versionStartIncluding":"r32","versionEndIncluding":"r36","matchCriteriaId":"0B153576-468F-48C2-9BC8-922A938AB235"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"4.9.0","versionEndIncluding":"4.16.0","matchCriteriaId":"F365BA5A-42D7-4024-9143-06D4DEE31212"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"5.1.0","versionEndIncluding":"5.8.0","matchCriteriaId":"8D720985-9119-480E-929A-7D9D5C083628"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"5.9.0","versionEndIncluding":"5.12.1","matchCriteriaId":"DE69C522-7FCB-4452-8E33-FCC72D36BF94"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000161068","source":"f5sirt@f5.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40462","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:42.960","lastModified":"2026-06-29T17:19:02.240","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect permission assignment vulnerabilities exist in iControl REST and TMOS shell (tmsh) undisclosed command which may allow an authenticated attacker to view sensitive information.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T16:01:11.896222Z","id":"CVE-2026-40462","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000156581","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40618","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:43.097","lastModified":"2026-06-29T14:17:27.553","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition (VE) without Intel QuickAssist Technology (QAT) or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  \n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.1","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.1.5.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"BIG-IP Next SPK","defaultStatus":"unknown","versions":[{"version":"2.0.0","lessThan":"*","versionType":"custom","status":"affected"},{"version":"1.7.0","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"BIG-IP Next CNF","defaultStatus":"unknown","versions":[{"version":"2.0.0","lessThan":"*","versionType":"custom","status":"affected"},{"version":"1.1.0","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"BIG-IP Next for Kubernetes","defaultStatus":"unaffected","versions":[{"version":"2.0.0","lessThan":"2.2.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T16:01:48.970839Z","id":"CVE-2026-40618","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-131"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7.0","versionEndIncluding":"1.9.2","matchCriteriaId":"4C7328B4-B7E0-460E-8270-116FE813FB23"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.0.3","matchCriteriaId":"676121DA-06BF-4614-8FCF-E9D8ED1F4A89"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_cloud-native_network_functions:*:*:*:*:*:*:*:*","versionStartIncluding":"1.1.0","versionEndIncluding":"1.4.1","matchCriteriaId":"3222CE1A-3C23-40FC-9331-370F6BA1CDCC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_cloud-native_network_functions:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.2.1","matchCriteriaId":"5E5307BC-0CF9-4DF9-B4A3-FCE47C0A18CF"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_for_kubernetes:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.1.1","matchCriteriaId":"D3BA678E-5D5A-4F89-9839-35F50001B126"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000158082","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40629","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:43.290","lastModified":"2026-06-29T14:17:37.563","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When SSL profiles are configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.0.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"17.5.0","lessThan":"17.5.1.4","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.1","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"BIG-IP Next SPK","defaultStatus":"unknown","versions":[{"version":"2.0.0","lessThan":"2.0.3","versionType":"custom","status":"affected"},{"version":"1.7.0","lessThan":"1.7.16","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"BIG-IP Next CNF","defaultStatus":"unknown","versions":[{"version":"2.0.0","lessThan":"2.0.3","versionType":"custom","status":"affected"},{"version":"1.1.0","lessThan":"1.4.1","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"BIG-IP Next for Kubernetes","defaultStatus":"unknown","versions":[{"version":"2.0.0","lessThan":"2.1.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:58:47.792247Z","id":"CVE-2026-40629","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7.0","versionEndIncluding":"1.7.15","matchCriteriaId":"468376F6-1D4D-4B02-9CA5-B582CF15CF10"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_service_proxy_for_kubernetes:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.0.2","matchCriteriaId":"DF803740-BAB5-43F9-8D69-A5E9081F8077"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_cloud-native_network_functions:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.0.2","matchCriteriaId":"07177D8A-5A8A-4836-A969-3104E43CCEDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_cloud-native_network_functions:1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"2D4113B5-994C-42EE-A127-D2BC6E7DC0CD"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_next_for_kubernetes:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.1.0","matchCriteriaId":"5D27384E-90A7-406F-83B6-184744CD8DC5"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000158978","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40631","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:43.417","lastModified":"2026-06-29T14:17:42.243","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-40631","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160979","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40698","sourceIdentifier":"f5sirt@f5.com","published":"2026-05-13T16:16:43.593","lastModified":"2026-06-29T15:30:00.233","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell (tmsh) resulting in privilege escalation.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"BIG-IP","defaultStatus":"unknown","modules":["All Modules"],"versions":[{"version":"21.1.0","lessThan":"*","versionType":"custom","status":"unaffected"},{"version":"21.0.0","lessThan":"21.0.0.2","versionType":"custom","status":"affected"},{"version":"17.5.0","lessThan":"17.5.1.6","versionType":"custom","status":"affected"},{"version":"17.1.0","lessThan":"17.1.3.2","versionType":"custom","status":"affected"},{"version":"16.1.0","lessThan":"*","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"BIG-IQ","defaultStatus":"unaffected","versions":[{"version":"8.4.0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T00:00:00+00:00","id":"CVE-2026-40698","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"84ACD36F-E97D-4DDA-A8FD-D911095C1035"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BD71EC53-8ABC-410F-B031-0B3288D2E8DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"1E446AEE-1CB7-411C-9549-0E12C2EBBF9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AFDDB2A2-3B00-4454-A5BA-F181972B8B70"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D186FF46-E0B0-4B54-9EA9-87AD379FA600"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"4AFFB39F-3E07-4316-9DD6-C36407B09C20"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"06CB53ED-B0CF-45D0-BF6B-C07C2B5AD3DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"A6E75F5E-8C80-4287-84BF-6676B1029AA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F330E98-E773-4D93-855D-1D82644B3F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"26D5B297-AAD7-4DF5-9C24-E9550DF2793A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"59042348-3748-48E0-B78B-D978C6B241B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"5082DEBB-5C7F-41A2-B48F-0C72C3A6782B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"B010CF79-60CD-4B4C-BDCA-61FBD59397B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"39AA59D4-6DE8-4ABA-9EEB-840755CA76A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"6C89D1A8-D453-4A12-97EA-6642F98FDA27"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83FBED4E-1977-45EF-8D33-4A24D81BFE7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"54BB0364-2EFA-442B-9DB2-3A49677D965C"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F64237A9-9AF0-4D01-958F-753862C33ABF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2727CEE5-75FD-4345-88C1-3ED60AAF7DE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"205B3D36-A3D8-4859-A3C4-2FA432B4A162"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"EA180633-8625-4F8E-90E2-235BCD334256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"66DDBE6D-423A-4F60-9D06-0E10CB93FB66"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"35FF40AC-3A3E-4B4B-83F4-BB6048FEBB72"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E0B21289-FB5C-47FA-B054-50341236260D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"C83BE4EC-8775-4FF4-B362-9E6EBDD53A04"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C7F7C488-8C01-4EE7-A244-259237F06668"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"556AEFC8-8D4C-4E5A-9051-77424FAAC9D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"E649795C-1B70-411B-B744-E0728109474D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"93597117-087D-4AAC-884F-8E1400D645FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"131D329E-0351-402B-BC67-698DC1C9A83E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"2F95824A-E1F8-412E-B59D-8278AE3CB571"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"C8EF0B1D-AE26-4283-8D84-5CECB245652F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4996DCE3-8F39-4917-96A0-2C44C900DEE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"AA1487CA-A5F3-4689-9458-7309C2E17C9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"48DBF1EA-4DFD-402F-81BC-430B7D74C5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"7F234CDF-C413-4E70-9A97-6467ADB33EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"BA32DFFC-6412-4BA9-9382-5E307539AF4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"BCBD1B79-3FC1-4288-BEF8-E5D60DA939A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"D25B01D7-F665-47EE-9185-40581A6C3DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"83AD64DE-7D0B-4380-89E0-A06817B21606"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.1.0","versionEndIncluding":"17.1.3","matchCriteriaId":"4AE71FB5-6842-4822-9CA4-1427BC9187BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"17.5.0","versionEndIncluding":"17.5.1","matchCriteriaId":"F1516CC2-94CA-4FB2-AC5A-6CFB0580980C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"BD3A2286-B181-47DA-BCB3-A9D0E0B357AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"004CBB88-E617-4A0A-BE42-E1E6BB52D736"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"920FA89D-E154-4936-B88E-8B60D5B39B40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"94ADD021-8229-4CDE-AE73-33FB1BD4A3C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"216A1ED3-D0CD-4A08-B9E8-A5B54942E831"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CA7B9727-7694-4D1B-8B48-175196544050"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5481F477-166F-4321-80A0-539095C6B829"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5462B02C-4414-4B14-A671-D8993BD9511D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4A6B33EA-BD41-45A1-801F-BF2439E4F501"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"972BEB00-AAC3-42F7-BB45-881E1A3D1131"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"226B7285-7977-4BBC-947E-E9541E1AAB89"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B49FF41-861D-488F-94DC-DAE222A9BE0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"4962EDD5-384F-4ABC-8696-8C4AACEE19BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"CE7A5976-AAA0-4FF1-ADAC-4547F24765FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"5728B748-0795-4056-91E8-B3A0DB3A3081"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"C453B7CE-FBA6-46E7-975D-61D7A18773F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"EC77DFC2-A3DC-46E6-9419-0ABA84CD275E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"25701935-02F5-4BD8-95F0-6693C6606558"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"AC71E265-C7B7-4A78-B73A-32B5FECE5D36"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"8B029869-31AB-4FE2-846E-FC6F7133ADF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:*:*:*:*:*:*:*:*","versionStartIncluding":"16.1.0","versionEndIncluding":"16.1.6","matchCriteriaId":"2760AEE2-DCA4-4ED8-92DE-F409EED1A7D9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_access_policy_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"F10F963B-348A-4819-9109-EF0F2304CCDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_firewall_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"003B47C5-A8E3-4ECD-B0E1-6FD3BCC6C00A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_advanced_web_application_firewall:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"CCCB38CF-FCDA-4E62-8BEA-70DE61D617B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_analytics:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B1489ACC-1DCF-4107-A7A5-12E675B522F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_acceleration_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B63EC396-5C6D-4F2B-AA4B-48C19A2DEF40"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_security_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E8F401DC-AEE8-4DA1-8D54-51086557F0CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_application_visibility_and_reporting:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3D5211-78EA-479C-A468-F3DD867DA377"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_automation_toolchain:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF32E2A-2837-4F02-98D4-EC8D4AD7629A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_carrier-grade_nat:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"7918553F-3A00-4F1F-8007-40C440D30EDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_container_ingress_services:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"63F0B2DD-6D9C-4A4E-AB9A-E417D0BA9725"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ddos_hybrid_defender:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"961FD6A4-3969-4A7B-B154-71AB91102EDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_domain_name_system:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0EA3A0ED-753C-4909-8EDC-294AF6873791"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_edge_gateway:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"B22E4040-EC36-44B7-AE6F-D8A5B982350F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_fraud_protection_service:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"90819202-D6CE-4742-957E-32653AD75AB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_global_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E4DCF86-3120-4D11-8233-9E41BF6F1577"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_link_controller:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C3978168-BE6E-41DB-92A2-99843137BBFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_local_traffic_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BBB888F-2AAF-4F90-82F7-12A79A5D9EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_policy_enforcement_manager:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"EA18854A-929E-4D5E-B2EC-9AC31A5694C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_ssl_orchestrator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"AB4EFA9A-FBB9-437C-9789-7C4EB489DD59"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_webaccelerator:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"900D8242-3139-443E-98A3-30A7D9A0CA42"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-ip_websafe:21.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4DF82E2E-B438-4205-8A58-802A1F22EB3E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0","versionEndIncluding":"8.4.1","matchCriteriaId":"54662042-8E2F-4192-BFEB-F61EDD61B02D"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000160981","source":"f5sirt@f5.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20209","sourceIdentifier":"psirt@cisco.com","published":"2026-05-14T17:16:19.750","lastModified":"2026-06-29T17:33:57.353","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user.\r\n\r\nThis vulnerability exists because sensitive session information is recorded in audit logs. An attacker could exploit this vulnerability by elevating their read-only permissions in Cisco Catalyst SD-WAN Manager to those of a high-privileged user. A successful exploit could allow the attacker to perform actions as a high-privileged user."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","defaultStatus":"unknown","versions":[{"version":"20.1.12","status":"affected"},{"version":"19.2.1","status":"affected"},{"version":"18.4.4","status":"affected"},{"version":"18.4.5","status":"affected"},{"version":"20.1.1.1","status":"affected"},{"version":"20.1.1","status":"affected"},{"version":"19.3.0","status":"affected"},{"version":"19.2.2","status":"affected"},{"version":"19.2.099","status":"affected"},{"version":"18.3.6","status":"affected"},{"version":"18.3.7","status":"affected"},{"version":"19.2.0","status":"affected"},{"version":"18.3.8","status":"affected"},{"version":"19.0.0","status":"affected"},{"version":"19.1.0","status":"affected"},{"version":"18.4.302","status":"affected"},{"version":"18.4.303","status":"affected"},{"version":"19.2.097","status":"affected"},{"version":"19.2.098","status":"affected"},{"version":"17.2.10","status":"affected"},{"version":"18.3.6.1","status":"affected"},{"version":"19.0.1a","status":"affected"},{"version":"18.2.0","status":"affected"},{"version":"18.4.3","status":"affected"},{"version":"18.4.1","status":"affected"},{"version":"17.2.8","status":"affected"},{"version":"18.3.3.1","status":"affected"},{"version":"18.4.0","status":"affected"},{"version":"18.3.1","status":"affected"},{"version":"17.2.6","status":"affected"},{"version":"17.2.9","status":"affected"},{"version":"18.3.4","status":"affected"},{"version":"17.2.5","status":"affected"},{"version":"18.3.1.1","status":"affected"},{"version":"18.3.5","status":"affected"},{"version":"18.4.0.1","status":"affected"},{"version":"18.3.3","status":"affected"},{"version":"17.2.7","status":"affected"},{"version":"17.2.4","status":"affected"},{"version":"18.3.0","status":"affected"},{"version":"19.2.3","status":"affected"},{"version":"18.4.501_ES","status":"affected"},{"version":"20.3.1","status":"affected"},{"version":"20.1.2","status":"affected"},{"version":"19.2.929","status":"affected"},{"version":"19.2.31","status":"affected"},{"version":"20.3.2","status":"affected"},{"version":"19.2.32","status":"affected"},{"version":"20.3.2_925","status":"affected"},{"version":"20.3.2.1","status":"affected"},{"version":"20.3.2.1_927","status":"affected"},{"version":"18.4.6","status":"affected"},{"version":"20.1.2_937","status":"affected"},{"version":"20.4.1","status":"affected"},{"version":"20.3.2_928","status":"affected"},{"version":"20.3.2_929","status":"affected"},{"version":"20.4.1.0.1","status":"affected"},{"version":"20.3.2.1_930","status":"affected"},{"version":"19.2.4","status":"affected"},{"version":"20.5.0.1.1","status":"affected"},{"version":"20.4.1.1","status":"affected"},{"version":"20.3.3","status":"affected"},{"version":"19.2.4.0.1","status":"affected"},{"version":"20.3.2_937","status":"affected"},{"version":"20.3.3.1","status":"affected"},{"version":"20.5.1","status":"affected"},{"version":"20.1.3","status":"affected"},{"version":"20.3.3.0.4","status":"affected"},{"version":"20.3.3.1.2","status":"affected"},{"version":"20.3.3.1.1","status":"affected"},{"version":"20.4.1.2","status":"affected"},{"version":"20.3.3.0.2","status":"affected"},{"version":"20.4.1.1.5","status":"affected"},{"version":"20.4.1.0.01","status":"affected"},{"version":"20.4.1.0.02","status":"affected"},{"version":"20.3.3.1.7","status":"affected"},{"version":"20.3.3.1.5","status":"affected"},{"version":"20.5.1.0.1","status":"affected"},{"version":"20.3.3.1.10","status":"affected"},{"version":"20.3.3.0.8","status":"affected"},{"version":"20.4.2","status":"affected"},{"version":"20.4.2.0.1","status":"affected"},{"version":"20.3.4","status":"affected"},{"version":"20.3.3.0.14","status":"affected"},{"version":"19.2.4.0.8","status":"affected"},{"version":"19.2.4.0.9","status":"affected"},{"version":"20.3.4.0.1","status":"affected"},{"version":"20.3.2.0.5","status":"affected"},{"version":"20.6.1","status":"affected"},{"version":"20.5.1.0.2","status":"affected"},{"version":"20.3.3.0.17","status":"affected"},{"version":"20.6.1.1","status":"affected"},{"version":"20.6.0.18.3","status":"affected"},{"version":"20.3.2.0.6","status":"affected"},{"version":"20.6.0.18.4","status":"affected"},{"version":"20.4.2.0.2","status":"affected"},{"version":"20.3.3.0.16","status":"affected"},{"version":"20.3.4.0.5","status":"affected"},{"version":"20.6.1.0.1","status":"affected"},{"version":"20.3.4.0.6","status":"affected"},{"version":"20.6.2","status":"affected"},{"version":"20.7.1EFT2","status":"affected"},{"version":"20.3.4.0.9","status":"affected"},{"version":"20.3.4.0.11","status":"affected"},{"version":"20.4.2.0.4","status":"affected"},{"version":"20.3.3.0.18","status":"affected"},{"version":"20.7.1","status":"affected"},{"version":"20.6.2.1","status":"affected"},{"version":"20.3.4.1","status":"affected"},{"version":"20.5.1.1","status":"affected"},{"version":"20.4.2.1","status":"affected"},{"version":"20.4.2.1.1","status":"affected"},{"version":"20.3.4.1.1","status":"affected"},{"version":"20.3.813","status":"affected"},{"version":"20.3.4.0.19","status":"affected"},{"version":"20.4.2.2.1","status":"affected"},{"version":"20.5.1.2","status":"affected"},{"version":"20.3.4.2","status":"affected"},{"version":"20.3.814","status":"affected"},{"version":"20.4.2.2","status":"affected"},{"version":"20.6.2.2","status":"affected"},{"version":"20.3.4.2.1","status":"affected"},{"version":"20.7.1.1","status":"affected"},{"version":"20.3.4.1.2","status":"affected"},{"version":"20.6.2.2.2","status":"affected"},{"version":"20.3.4.0.20","status":"affected"},{"version":"20.6.2.2.3","status":"affected"},{"version":"20.4.2.2.2","status":"affected"},{"version":"20.3.5","status":"affected"},{"version":"20.6.2.0.4","status":"affected"},{"version":"20.4.2.2.3","status":"affected"},{"version":"20.3.4.0.24","status":"affected"},{"version":"20.6.2.2.7","status":"affected"},{"version":"20.6.3","status":"affected"},{"version":"20.3.4.2.2","status":"affected"},{"version":"20.4.2.2.4","status":"affected"},{"version":"20.7.1.0.2","status":"affected"},{"version":"20.8.1","status":"affected"},{"version":"20.3.5.0.8","status":"affected"},{"version":"20.3.5.0.9","status":"affected"},{"version":"20.4.2.2.8","status":"affected"},{"version":"20.3.5.0.7","status":"affected"},{"version":"20.6.3.0.7","status":"affected"},{"version":"20.6.3.0.5","status":"affected"},{"version":"20.6.3.0.10","status":"affected"},{"version":"20.6.3.0.2","status":"affected"},{"version":"20.7.2","status":"affected"},{"version":"20.9.1EFT2","status":"affected"},{"version":"20.6.3.0.11","status":"affected"},{"version":"20.6.3.1","status":"affected"},{"version":"20.6.3.0.14","status":"affected"},{"version":"20.6.4","status":"affected"},{"version":"20.9.1","status":"affected"},{"version":"20.6.3.0.19","status":"affected"},{"version":"20.6.3.0.18","status":"affected"},{"version":"20.3.6","status":"affected"},{"version":"20.9.1.1","status":"affected"},{"version":"20.6.3.0.23","status":"affected"},{"version":"20.6.4.0.4","status":"affected"},{"version":"20.6.3.0.25","status":"affected"},{"version":"20.6.5","status":"affected"},{"version":"20.6.3.0.27","status":"affected"},{"version":"20.9.2","status":"affected"},{"version":"20.9.2.1","status":"affected"},{"version":"20.6.3.0.29","status":"affected"},{"version":"20.6.3.0.31","status":"affected"},{"version":"20.6.3.0.32","status":"affected"},{"version":"20.10.1","status":"affected"},{"version":"20.6.3.0.33","status":"affected"},{"version":"20.9.2.0.01","status":"affected"},{"version":"20.9.1_LI_Images","status":"affected"},{"version":"20.10.1_LI_Images","status":"affected"},{"version":"20.9.2_LI_Images","status":"affected"},{"version":"20.3.7","status":"affected"},{"version":"20.9.3","status":"affected"},{"version":"20.6.5.1","status":"affected"},{"version":"20.11.1","status":"affected"},{"version":"20.11.1_LI_Images","status":"affected"},{"version":"20.9.3_LI_ Images","status":"affected"},{"version":"20.6.3.1.1","status":"affected"},{"version":"20.9.3.0.2","status":"affected"},{"version":"20.6.5.1.2","status":"affected"},{"version":"20.9.3.0.3","status":"affected"},{"version":"20.4.2.3","status":"affected"},{"version":"20.6.3.2","status":"affected"},{"version":"20.6.4.1","status":"affected"},{"version":"20.6.3.0.38","status":"affected"},{"version":"20.6.3.0.39","status":"affected"},{"version":"20.3.5.1","status":"affected"},{"version":"20.3.4.3","status":"affected"},{"version":"20.9.3.1","status":"affected"},{"version":"20.3.3.2","status":"affected"},{"version":"20.6.5.2","status":"affected"},{"version":"20.3.7.1","status":"affected"},{"version":"20.10.1.1","status":"affected"},{"version":"20.6.5.2.1","status":"affected"},{"version":"20.3.4.0.25","status":"affected"},{"version":"20.6.2.2.4","status":"affected"},{"version":"20.6.1.2","status":"affected"},{"version":"20.11.1.1","status":"affected"},{"version":"20.9.3.0.5","status":"affected"},{"version":"20.3.4.0.26","status":"affected"},{"version":"20.6.5.1.3","status":"affected"},{"version":"20.6.3.0.40","status":"affected"},{"version":"20.1.3.1","status":"affected"},{"version":"20.9.2.2","status":"affected"},{"version":"20.6.5.2.3","status":"affected"},{"version":"20.6.5.1.4","status":"affected"},{"version":"20.6.5.3","status":"affected"},{"version":"20.6.3.0.41","status":"affected"},{"version":"20.9.3.0.7","status":"affected"},{"version":"20.6.5.1.5","status":"affected"},{"version":"20.9.3.0.4","status":"affected"},{"version":"20.6.4.0.19","status":"affected"},{"version":"20.6.5.1.6","status":"affected"},{"version":"20.9.3.0.8","status":"affected"},{"version":"20.6.3.3","status":"affected"},{"version":"20.3.7.2","status":"affected"},{"version":"20.6.5.4","status":"affected"},{"version":"20.6.5.1.7","status":"affected"},{"version":"20.9.3.0.12","status":"affected"},{"version":"20.6.4.2","status":"affected"},{"version":"20.6.5.5","status":"affected"},{"version":"20.9.3.2","status":"affected"},{"version":"20.11.1.2","status":"affected"},{"version":"20.6.3.4","status":"affected"},{"version":"20.10.1.2","status":"affected"},{"version":"20.6.5.1.9","status":"affected"},{"version":"20.9.3.0.16","status":"affected"},{"version":"20.6.3.0.45","status":"affected"},{"version":"20.6.5.1.10","status":"affected"},{"version":"20.9.3.0.17","status":"affected"},{"version":"20.6.5.2.4","status":"affected"},{"version":"20.6.4.0.21","status":"affected"},{"version":"20.9.3.0.18","status":"affected"},{"version":"20.6.3.0.46","status":"affected"},{"version":"20.6.3.0.47","status":"affected"},{"version":"20.9.2.3","status":"affected"},{"version":"20.9.3.2_LI_Images","status":"affected"},{"version":"20.9.3.0.21","status":"affected"},{"version":"20.9.3.0.20","status":"affected"},{"version":"20.9.4_LI_Images","status":"affected"},{"version":"20.9.4","status":"affected"},{"version":"20.6.5.1.11","status":"affected"},{"version":"20.12.1","status":"affected"},{"version":"20.12.1_LI_Images","status":"affected"},{"version":"20.6.5.1.13","status":"affected"},{"version":"20.9.3.0.23","status":"affected"},{"version":"20.6.5.2.8","status":"affected"},{"version":"20.9.4.1","status":"affected"},{"version":"20.9.4.1_LI_Images","status":"affected"},{"version":"20.9.3.0.25","status":"affected"},{"version":"20.9.3.0.24","status":"affected"},{"version":"20.6.5.1.14","status":"affected"},{"version":"20.3.8","status":"affected"},{"version":"20.6.6","status":"affected"},{"version":"20.9.3.0.26","status":"affected"},{"version":"20.6.3.0.51","status":"affected"},{"version":"20.9.3.0.29","status":"affected"},{"version":"20.12.2","status":"affected"},{"version":"20.12.2_LI_Images","status":"affected"},{"version":"20.6.6.0.1","status":"affected"},{"version":"20.13.1_LI_Images","status":"affected"},{"version":"20.9.4.0.4","status":"affected"},{"version":"20.13.1","status":"affected"},{"version":"20.9.4.1.1","status":"affected"},{"version":"20.9.5","status":"affected"},{"version":"20.9.5_LI_Images","status":"affected"},{"version":"20.12.3_LI_Images","status":"affected"},{"version":"20.12.3","status":"affected"},{"version":"20.9.4.1.3","status":"affected"},{"version":"20.6.7","status":"affected"},{"version":"20.9.5.1","status":"affected"},{"version":"20.9.5.1_LI_Images","status":"affected"},{"version":"20.9.4.1.6","status":"affected"},{"version":"20.14.1","status":"affected"},{"version":"20.14.1_LI_Images","status":"affected"},{"version":"20.9.5.2","status":"affected"},{"version":"20.9.5.2.1","status":"affected"},{"version":"20.9.5.2_LI_Images","status":"affected"},{"version":"20.12.3.1","status":"affected"},{"version":"20.12.4","status":"affected"},{"version":"20.15.1_LI_Images","status":"affected"},{"version":"20.15.1","status":"affected"},{"version":"20.9.5.1.4","status":"affected"},{"version":"20.9.5.2.7","status":"affected"},{"version":"20.9.5.2.13","status":"affected"},{"version":"20.9.6","status":"affected"},{"version":"20.9.6_LI_Images","status":"affected"},{"version":"20.9.5.2.14","status":"affected"},{"version":"20.6.8","status":"affected"},{"version":"20.12.4.0.03","status":"affected"},{"version":"20.16.1","status":"affected"},{"version":"20.16.1_LI_Images","status":"affected"},{"version":"20.12.4_LI_Images","status":"affected"},{"version":"20.9.5.2.16","status":"affected"},{"version":"20.12.4.0.4","status":"affected"},{"version":"20.12.401","status":"affected"},{"version":"20.9.5.3","status":"affected"},{"version":"20.9.5.3_LI_Images","status":"affected"},{"version":"20.12.4.1_LI_Images","status":"affected"},{"version":"20.12.4.1","status":"affected"},{"version":"20.9.5.2.21","status":"affected"},{"version":"20.9.6.0.3","status":"affected"},{"version":"20.12.4.0.6","status":"affected"},{"version":"20.15.2_LI_Images","status":"affected"},{"version":"20.15.2","status":"affected"},{"version":"20.12.4_Monthly_ES5","status":"affected"},{"version":"20.12.5","status":"affected"},{"version":"20.12.5_LI_Images","status":"affected"},{"version":"20.9.7_LI _Images","status":"affected"},{"version":"20.9.7","status":"affected"},{"version":"20.15.3","status":"affected"},{"version":"20.15.3_ LI _Images","status":"affected"},{"version":"20.12.501","status":"affected"},{"version":"20.12.5.1_LI_Images","status":"affected"},{"version":"20.12.5.1","status":"affected"},{"version":"20.12.5.2_LI_Images","status":"affected"},{"version":"20.12.5.2","status":"affected"},{"version":"20.15.3.1","status":"affected"},{"version":"20.15.4_LI_Images","status":"affected"},{"version":"20.15.4","status":"affected"},{"version":"20.9.7.1_LI _Images","status":"affected"},{"version":"20.9.7.1","status":"affected"},{"version":"20.18.1","status":"affected"},{"version":"20.18.1_LI_Images","status":"affected"},{"version":"20.12.6_LI_Images","status":"affected"},{"version":"20.12.6","status":"affected"},{"version":"20.12.5.1.01","status":"affected"},{"version":"26.0.1","status":"affected"},{"version":"20.9.8","status":"affected"},{"version":"20.9.8_LI_Images","status":"affected"},{"version":"20.18.2","status":"affected"},{"version":"20.15.4.1_LI_Images","status":"affected"},{"version":"20.15.4.1","status":"affected"},{"version":"20.18.2_LI_Images","status":"affected"},{"version":"20.18.2.1_LI_Images","status":"affected"},{"version":"20.18.2.1","status":"affected"},{"version":"20.15.4.2_LI_Images","status":"affected"},{"version":"20.15.4.2","status":"affected"},{"version":"20.12.6.1","status":"affected"},{"version":"20.12.6.1_LI_Images","status":"affected"},{"version":"20.12.5.3","status":"affected"},{"version":"20.12.5.3_LI_Images","status":"affected"},{"version":"20.9.8.2_LI_Images","status":"affected"},{"version":"20.9.8.2","status":"affected"},{"version":"20.18.3","status":"affected"},{"version":"20.18.3_LI_Images","status":"affected"},{"version":"20.15.5","status":"affected"},{"version":"20.15.5_LI_Images","status":"affected"},{"version":"20.12.7","status":"affected"},{"version":"20.12.7_LI_Images","status":"affected"},{"version":"20.9.9","status":"affected"},{"version":"20.9.9_LI_Images","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-14T00:00:00+00:00","id":"CVE-2026-20209","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-779"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"20.9.9.1","matchCriteriaId":"5021D679-E23A-4D7F-B3B6-D664634A639C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.10","versionEndExcluding":"20.12.5.4","matchCriteriaId":"26022018-2273-4589-BE4F-AD92DA31CB58"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.12.6","versionEndExcluding":"20.12.6.2","matchCriteriaId":"FDA5CA36-86B6-443D-B772-37A5901F3E83"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.13","versionEndExcluding":"20.15.4.4","matchCriteriaId":"32A83687-B363-476B-89EF-B35C82575237"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.15.5","versionEndExcluding":"20.15.5.2","matchCriteriaId":"709D0805-4B76-46A0-82D3-93C89926B389"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.16","versionEndExcluding":"20.18.2.2","matchCriteriaId":"BB6A9216-3D47-4B33-B502-72B99859992E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"26.1","versionEndExcluding":"26.1.1.1","matchCriteriaId":"C34C0AB2-3E8E-4B12-BEA2-446F8F248B9A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.7:*:*:*:*:*:*:*","matchCriteriaId":"6A03BCEF-DC25-488D-91D3-0A16F3B872E3"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk","source":"psirt@cisco.com","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2026-20210","sourceIdentifier":"psirt@cisco.com","published":"2026-05-14T17:16:20.057","lastModified":"2026-06-29T17:35:57.443","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to modify configurations and perform unauthorized actions on an affected system.\r\n\r\nThis vulnerability exists because of a failure to redact sensitive information within device configurations and templates. An attacker could exploit this vulnerability by elevating their read-only permissions to those of a high-privileged user. A successful exploit could allow the attacker to access or modify configuration settings within Cisco Catalyst SD-WAN Manager as a high-privileged user."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","defaultStatus":"unknown","versions":[{"version":"20.1.12","status":"affected"},{"version":"19.2.1","status":"affected"},{"version":"18.4.4","status":"affected"},{"version":"18.4.5","status":"affected"},{"version":"20.1.1.1","status":"affected"},{"version":"20.1.1","status":"affected"},{"version":"19.3.0","status":"affected"},{"version":"19.2.2","status":"affected"},{"version":"19.2.099","status":"affected"},{"version":"18.3.6","status":"affected"},{"version":"18.3.7","status":"affected"},{"version":"19.2.0","status":"affected"},{"version":"18.3.8","status":"affected"},{"version":"19.0.0","status":"affected"},{"version":"19.1.0","status":"affected"},{"version":"18.4.302","status":"affected"},{"version":"18.4.303","status":"affected"},{"version":"19.2.097","status":"affected"},{"version":"19.2.098","status":"affected"},{"version":"17.2.10","status":"affected"},{"version":"18.3.6.1","status":"affected"},{"version":"19.0.1a","status":"affected"},{"version":"18.2.0","status":"affected"},{"version":"18.4.3","status":"affected"},{"version":"18.4.1","status":"affected"},{"version":"17.2.8","status":"affected"},{"version":"18.3.3.1","status":"affected"},{"version":"18.4.0","status":"affected"},{"version":"18.3.1","status":"affected"},{"version":"17.2.6","status":"affected"},{"version":"17.2.9","status":"affected"},{"version":"18.3.4","status":"affected"},{"version":"17.2.5","status":"affected"},{"version":"18.3.1.1","status":"affected"},{"version":"18.3.5","status":"affected"},{"version":"18.4.0.1","status":"affected"},{"version":"18.3.3","status":"affected"},{"version":"17.2.7","status":"affected"},{"version":"17.2.4","status":"affected"},{"version":"18.3.0","status":"affected"},{"version":"19.2.3","status":"affected"},{"version":"18.4.501_ES","status":"affected"},{"version":"20.3.1","status":"affected"},{"version":"20.1.2","status":"affected"},{"version":"19.2.929","status":"affected"},{"version":"19.2.31","status":"affected"},{"version":"20.3.2","status":"affected"},{"version":"19.2.32","status":"affected"},{"version":"20.3.2_925","status":"affected"},{"version":"20.3.2.1","status":"affected"},{"version":"20.3.2.1_927","status":"affected"},{"version":"18.4.6","status":"affected"},{"version":"20.1.2_937","status":"affected"},{"version":"20.4.1","status":"affected"},{"version":"20.3.2_928","status":"affected"},{"version":"20.3.2_929","status":"affected"},{"version":"20.4.1.0.1","status":"affected"},{"version":"20.3.2.1_930","status":"affected"},{"version":"19.2.4","status":"affected"},{"version":"20.5.0.1.1","status":"affected"},{"version":"20.4.1.1","status":"affected"},{"version":"20.3.3","status":"affected"},{"version":"19.2.4.0.1","status":"affected"},{"version":"20.3.2_937","status":"affected"},{"version":"20.3.3.1","status":"affected"},{"version":"20.5.1","status":"affected"},{"version":"20.1.3","status":"affected"},{"version":"20.3.3.0.4","status":"affected"},{"version":"20.3.3.1.2","status":"affected"},{"version":"20.3.3.1.1","status":"affected"},{"version":"20.4.1.2","status":"affected"},{"version":"20.3.3.0.2","status":"affected"},{"version":"20.4.1.1.5","status":"affected"},{"version":"20.4.1.0.01","status":"affected"},{"version":"20.4.1.0.02","status":"affected"},{"version":"20.3.3.1.7","status":"affected"},{"version":"20.3.3.1.5","status":"affected"},{"version":"20.5.1.0.1","status":"affected"},{"version":"20.3.3.1.10","status":"affected"},{"version":"20.3.3.0.8","status":"affected"},{"version":"20.4.2","status":"affected"},{"version":"20.4.2.0.1","status":"affected"},{"version":"20.3.4","status":"affected"},{"version":"20.3.3.0.14","status":"affected"},{"version":"19.2.4.0.8","status":"affected"},{"version":"19.2.4.0.9","status":"affected"},{"version":"20.3.4.0.1","status":"affected"},{"version":"20.3.2.0.5","status":"affected"},{"version":"20.6.1","status":"affected"},{"version":"20.5.1.0.2","status":"affected"},{"version":"20.3.3.0.17","status":"affected"},{"version":"20.6.1.1","status":"affected"},{"version":"20.6.0.18.3","status":"affected"},{"version":"20.3.2.0.6","status":"affected"},{"version":"20.6.0.18.4","status":"affected"},{"version":"20.4.2.0.2","status":"affected"},{"version":"20.3.3.0.16","status":"affected"},{"version":"20.3.4.0.5","status":"affected"},{"version":"20.6.1.0.1","status":"affected"},{"version":"20.3.4.0.6","status":"affected"},{"version":"20.6.2","status":"affected"},{"version":"20.7.1EFT2","status":"affected"},{"version":"20.3.4.0.9","status":"affected"},{"version":"20.3.4.0.11","status":"affected"},{"version":"20.4.2.0.4","status":"affected"},{"version":"20.3.3.0.18","status":"affected"},{"version":"20.7.1","status":"affected"},{"version":"20.6.2.1","status":"affected"},{"version":"20.3.4.1","status":"affected"},{"version":"20.5.1.1","status":"affected"},{"version":"20.4.2.1","status":"affected"},{"version":"20.4.2.1.1","status":"affected"},{"version":"20.3.4.1.1","status":"affected"},{"version":"20.3.813","status":"affected"},{"version":"20.3.4.0.19","status":"affected"},{"version":"20.4.2.2.1","status":"affected"},{"version":"20.5.1.2","status":"affected"},{"version":"20.3.4.2","status":"affected"},{"version":"20.3.814","status":"affected"},{"version":"20.4.2.2","status":"affected"},{"version":"20.6.2.2","status":"affected"},{"version":"20.3.4.2.1","status":"affected"},{"version":"20.7.1.1","status":"affected"},{"version":"20.3.4.1.2","status":"affected"},{"version":"20.6.2.2.2","status":"affected"},{"version":"20.3.4.0.20","status":"affected"},{"version":"20.6.2.2.3","status":"affected"},{"version":"20.4.2.2.2","status":"affected"},{"version":"20.3.5","status":"affected"},{"version":"20.6.2.0.4","status":"affected"},{"version":"20.4.2.2.3","status":"affected"},{"version":"20.3.4.0.24","status":"affected"},{"version":"20.6.2.2.7","status":"affected"},{"version":"20.6.3","status":"affected"},{"version":"20.3.4.2.2","status":"affected"},{"version":"20.4.2.2.4","status":"affected"},{"version":"20.7.1.0.2","status":"affected"},{"version":"20.8.1","status":"affected"},{"version":"20.3.5.0.8","status":"affected"},{"version":"20.3.5.0.9","status":"affected"},{"version":"20.4.2.2.8","status":"affected"},{"version":"20.3.5.0.7","status":"affected"},{"version":"20.6.3.0.7","status":"affected"},{"version":"20.6.3.0.5","status":"affected"},{"version":"20.6.3.0.10","status":"affected"},{"version":"20.6.3.0.2","status":"affected"},{"version":"20.7.2","status":"affected"},{"version":"20.9.1EFT2","status":"affected"},{"version":"20.6.3.0.11","status":"affected"},{"version":"20.6.3.1","status":"affected"},{"version":"20.6.3.0.14","status":"affected"},{"version":"20.6.4","status":"affected"},{"version":"20.9.1","status":"affected"},{"version":"20.6.3.0.19","status":"affected"},{"version":"20.6.3.0.18","status":"affected"},{"version":"20.3.6","status":"affected"},{"version":"20.9.1.1","status":"affected"},{"version":"20.6.3.0.23","status":"affected"},{"version":"20.6.4.0.4","status":"affected"},{"version":"20.6.3.0.25","status":"affected"},{"version":"20.6.5","status":"affected"},{"version":"20.6.3.0.27","status":"affected"},{"version":"20.9.2","status":"affected"},{"version":"20.9.2.1","status":"affected"},{"version":"20.6.3.0.29","status":"affected"},{"version":"20.6.3.0.31","status":"affected"},{"version":"20.6.3.0.32","status":"affected"},{"version":"20.10.1","status":"affected"},{"version":"20.6.3.0.33","status":"affected"},{"version":"20.9.2.0.01","status":"affected"},{"version":"20.9.1_LI_Images","status":"affected"},{"version":"20.10.1_LI_Images","status":"affected"},{"version":"20.9.2_LI_Images","status":"affected"},{"version":"20.3.7","status":"affected"},{"version":"20.9.3","status":"affected"},{"version":"20.6.5.1","status":"affected"},{"version":"20.11.1","status":"affected"},{"version":"20.11.1_LI_Images","status":"affected"},{"version":"20.9.3_LI_ Images","status":"affected"},{"version":"20.6.3.1.1","status":"affected"},{"version":"20.9.3.0.2","status":"affected"},{"version":"20.6.5.1.2","status":"affected"},{"version":"20.9.3.0.3","status":"affected"},{"version":"20.4.2.3","status":"affected"},{"version":"20.6.3.2","status":"affected"},{"version":"20.6.4.1","status":"affected"},{"version":"20.6.3.0.38","status":"affected"},{"version":"20.6.3.0.39","status":"affected"},{"version":"20.3.5.1","status":"affected"},{"version":"20.3.4.3","status":"affected"},{"version":"20.9.3.1","status":"affected"},{"version":"20.3.3.2","status":"affected"},{"version":"20.6.5.2","status":"affected"},{"version":"20.3.7.1","status":"affected"},{"version":"20.10.1.1","status":"affected"},{"version":"20.6.5.2.1","status":"affected"},{"version":"20.3.4.0.25","status":"affected"},{"version":"20.6.2.2.4","status":"affected"},{"version":"20.6.1.2","status":"affected"},{"version":"20.11.1.1","status":"affected"},{"version":"20.9.3.0.5","status":"affected"},{"version":"20.3.4.0.26","status":"affected"},{"version":"20.6.5.1.3","status":"affected"},{"version":"20.6.3.0.40","status":"affected"},{"version":"20.1.3.1","status":"affected"},{"version":"20.9.2.2","status":"affected"},{"version":"20.6.5.2.3","status":"affected"},{"version":"20.6.5.1.4","status":"affected"},{"version":"20.6.5.3","status":"affected"},{"version":"20.6.3.0.41","status":"affected"},{"version":"20.9.3.0.7","status":"affected"},{"version":"20.6.5.1.5","status":"affected"},{"version":"20.9.3.0.4","status":"affected"},{"version":"20.6.4.0.19","status":"affected"},{"version":"20.6.5.1.6","status":"affected"},{"version":"20.9.3.0.8","status":"affected"},{"version":"20.6.3.3","status":"affected"},{"version":"20.3.7.2","status":"affected"},{"version":"20.6.5.4","status":"affected"},{"version":"20.6.5.1.7","status":"affected"},{"version":"20.9.3.0.12","status":"affected"},{"version":"20.6.4.2","status":"affected"},{"version":"20.6.5.5","status":"affected"},{"version":"20.9.3.2","status":"affected"},{"version":"20.11.1.2","status":"affected"},{"version":"20.6.3.4","status":"affected"},{"version":"20.10.1.2","status":"affected"},{"version":"20.6.5.1.9","status":"affected"},{"version":"20.9.3.0.16","status":"affected"},{"version":"20.6.3.0.45","status":"affected"},{"version":"20.6.5.1.10","status":"affected"},{"version":"20.9.3.0.17","status":"affected"},{"version":"20.6.5.2.4","status":"affected"},{"version":"20.6.4.0.21","status":"affected"},{"version":"20.9.3.0.18","status":"affected"},{"version":"20.6.3.0.46","status":"affected"},{"version":"20.6.3.0.47","status":"affected"},{"version":"20.9.2.3","status":"affected"},{"version":"20.9.3.2_LI_Images","status":"affected"},{"version":"20.9.3.0.21","status":"affected"},{"version":"20.9.3.0.20","status":"affected"},{"version":"20.9.4_LI_Images","status":"affected"},{"version":"20.9.4","status":"affected"},{"version":"20.6.5.1.11","status":"affected"},{"version":"20.12.1","status":"affected"},{"version":"20.12.1_LI_Images","status":"affected"},{"version":"20.6.5.1.13","status":"affected"},{"version":"20.9.3.0.23","status":"affected"},{"version":"20.6.5.2.8","status":"affected"},{"version":"20.9.4.1","status":"affected"},{"version":"20.9.4.1_LI_Images","status":"affected"},{"version":"20.9.3.0.25","status":"affected"},{"version":"20.9.3.0.24","status":"affected"},{"version":"20.6.5.1.14","status":"affected"},{"version":"20.3.8","status":"affected"},{"version":"20.6.6","status":"affected"},{"version":"20.9.3.0.26","status":"affected"},{"version":"20.6.3.0.51","status":"affected"},{"version":"20.9.3.0.29","status":"affected"},{"version":"20.12.2","status":"affected"},{"version":"20.12.2_LI_Images","status":"affected"},{"version":"20.6.6.0.1","status":"affected"},{"version":"20.13.1_LI_Images","status":"affected"},{"version":"20.9.4.0.4","status":"affected"},{"version":"20.13.1","status":"affected"},{"version":"20.9.4.1.1","status":"affected"},{"version":"20.9.5","status":"affected"},{"version":"20.9.5_LI_Images","status":"affected"},{"version":"20.12.3_LI_Images","status":"affected"},{"version":"20.12.3","status":"affected"},{"version":"20.9.4.1.3","status":"affected"},{"version":"20.6.7","status":"affected"},{"version":"20.9.5.1","status":"affected"},{"version":"20.9.5.1_LI_Images","status":"affected"},{"version":"20.9.4.1.6","status":"affected"},{"version":"20.14.1","status":"affected"},{"version":"20.14.1_LI_Images","status":"affected"},{"version":"20.9.5.2","status":"affected"},{"version":"20.9.5.2.1","status":"affected"},{"version":"20.9.5.2_LI_Images","status":"affected"},{"version":"20.12.3.1","status":"affected"},{"version":"20.12.4","status":"affected"},{"version":"20.15.1_LI_Images","status":"affected"},{"version":"20.15.1","status":"affected"},{"version":"20.9.5.1.4","status":"affected"},{"version":"20.9.5.2.7","status":"affected"},{"version":"20.9.5.2.13","status":"affected"},{"version":"20.9.6","status":"affected"},{"version":"20.9.6_LI_Images","status":"affected"},{"version":"20.9.5.2.14","status":"affected"},{"version":"20.6.8","status":"affected"},{"version":"20.12.4.0.03","status":"affected"},{"version":"20.16.1","status":"affected"},{"version":"20.16.1_LI_Images","status":"affected"},{"version":"20.12.4_LI_Images","status":"affected"},{"version":"20.9.5.2.16","status":"affected"},{"version":"20.12.4.0.4","status":"affected"},{"version":"20.12.401","status":"affected"},{"version":"20.9.5.3","status":"affected"},{"version":"20.9.5.3_LI_Images","status":"affected"},{"version":"20.12.4.1_LI_Images","status":"affected"},{"version":"20.12.4.1","status":"affected"},{"version":"20.9.5.2.21","status":"affected"},{"version":"20.9.6.0.3","status":"affected"},{"version":"20.12.4.0.6","status":"affected"},{"version":"20.15.2_LI_Images","status":"affected"},{"version":"20.15.2","status":"affected"},{"version":"20.12.4_Monthly_ES5","status":"affected"},{"version":"20.12.5","status":"affected"},{"version":"20.12.5_LI_Images","status":"affected"},{"version":"20.9.7_LI _Images","status":"affected"},{"version":"20.9.7","status":"affected"},{"version":"20.15.3","status":"affected"},{"version":"20.15.3_ LI _Images","status":"affected"},{"version":"20.12.501","status":"affected"},{"version":"20.12.5.1_LI_Images","status":"affected"},{"version":"20.12.5.1","status":"affected"},{"version":"20.12.5.2_LI_Images","status":"affected"},{"version":"20.12.5.2","status":"affected"},{"version":"20.15.3.1","status":"affected"},{"version":"20.15.4_LI_Images","status":"affected"},{"version":"20.15.4","status":"affected"},{"version":"20.9.7.1_LI _Images","status":"affected"},{"version":"20.9.7.1","status":"affected"},{"version":"20.18.1","status":"affected"},{"version":"20.18.1_LI_Images","status":"affected"},{"version":"20.12.6_LI_Images","status":"affected"},{"version":"20.12.6","status":"affected"},{"version":"20.12.5.1.01","status":"affected"},{"version":"26.0.1","status":"affected"},{"version":"20.9.8","status":"affected"},{"version":"20.9.8_LI_Images","status":"affected"},{"version":"20.18.2","status":"affected"},{"version":"20.15.4.1_LI_Images","status":"affected"},{"version":"20.15.4.1","status":"affected"},{"version":"20.18.2_LI_Images","status":"affected"},{"version":"20.18.2.1_LI_Images","status":"affected"},{"version":"20.18.2.1","status":"affected"},{"version":"20.15.4.2_LI_Images","status":"affected"},{"version":"20.15.4.2","status":"affected"},{"version":"20.12.6.1","status":"affected"},{"version":"20.12.6.1_LI_Images","status":"affected"},{"version":"20.12.5.3","status":"affected"},{"version":"20.12.5.3_LI_Images","status":"affected"},{"version":"20.9.8.2_LI_Images","status":"affected"},{"version":"20.9.8.2","status":"affected"},{"version":"20.18.3","status":"affected"},{"version":"20.18.3_LI_Images","status":"affected"},{"version":"20.15.5","status":"affected"},{"version":"20.15.5_LI_Images","status":"affected"},{"version":"20.12.7","status":"affected"},{"version":"20.12.7_LI_Images","status":"affected"},{"version":"20.9.9","status":"affected"},{"version":"20.9.9_LI_Images","status":"affected"},{"version":"20.18.2.2","status":"affected"},{"version":"20.18.2.2_LI_Images","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-14T00:00:00+00:00","id":"CVE-2026-20210","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-779"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"20.9.9.1","matchCriteriaId":"5021D679-E23A-4D7F-B3B6-D664634A639C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.10","versionEndExcluding":"20.12.5.4","matchCriteriaId":"26022018-2273-4589-BE4F-AD92DA31CB58"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.12.6","versionEndExcluding":"20.12.6.2","matchCriteriaId":"FDA5CA36-86B6-443D-B772-37A5901F3E83"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.13","versionEndExcluding":"20.15.4.4","matchCriteriaId":"32A83687-B363-476B-89EF-B35C82575237"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.15.5","versionEndExcluding":"20.15.5.2","matchCriteriaId":"709D0805-4B76-46A0-82D3-93C89926B389"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.16","versionEndExcluding":"20.18.2.2","matchCriteriaId":"BB6A9216-3D47-4B33-B502-72B99859992E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"26.1","versionEndExcluding":"26.1.1.1","matchCriteriaId":"C34C0AB2-3E8E-4B12-BEA2-446F8F248B9A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.7:*:*:*:*:*:*:*","matchCriteriaId":"6A03BCEF-DC25-488D-91D3-0A16F3B872E3"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk","source":"psirt@cisco.com","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2026-20224","sourceIdentifier":"psirt@cisco.com","published":"2026-05-14T17:16:20.353","lastModified":"2026-06-29T14:51:28.800","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system. The attacker does not need to have valid user credentials.\r\n\r\nThis vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to read arbitrary files that are stored in the affected system."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","defaultStatus":"unknown","versions":[{"version":"20.1.12","status":"affected"},{"version":"19.2.1","status":"affected"},{"version":"18.4.4","status":"affected"},{"version":"18.4.5","status":"affected"},{"version":"20.1.1.1","status":"affected"},{"version":"20.1.1","status":"affected"},{"version":"19.3.0","status":"affected"},{"version":"19.2.2","status":"affected"},{"version":"19.2.099","status":"affected"},{"version":"18.3.6","status":"affected"},{"version":"18.3.7","status":"affected"},{"version":"19.2.0","status":"affected"},{"version":"18.3.8","status":"affected"},{"version":"19.0.0","status":"affected"},{"version":"19.1.0","status":"affected"},{"version":"18.4.302","status":"affected"},{"version":"18.4.303","status":"affected"},{"version":"19.2.097","status":"affected"},{"version":"19.2.098","status":"affected"},{"version":"17.2.10","status":"affected"},{"version":"18.3.6.1","status":"affected"},{"version":"19.0.1a","status":"affected"},{"version":"18.2.0","status":"affected"},{"version":"18.4.3","status":"affected"},{"version":"18.4.1","status":"affected"},{"version":"17.2.8","status":"affected"},{"version":"18.3.3.1","status":"affected"},{"version":"18.4.0","status":"affected"},{"version":"18.3.1","status":"affected"},{"version":"17.2.6","status":"affected"},{"version":"17.2.9","status":"affected"},{"version":"18.3.4","status":"affected"},{"version":"17.2.5","status":"affected"},{"version":"18.3.1.1","status":"affected"},{"version":"18.3.5","status":"affected"},{"version":"18.4.0.1","status":"affected"},{"version":"18.3.3","status":"affected"},{"version":"17.2.7","status":"affected"},{"version":"17.2.4","status":"affected"},{"version":"18.3.0","status":"affected"},{"version":"19.2.3","status":"affected"},{"version":"18.4.501_ES","status":"affected"},{"version":"20.3.1","status":"affected"},{"version":"20.1.2","status":"affected"},{"version":"19.2.929","status":"affected"},{"version":"19.2.31","status":"affected"},{"version":"20.3.2","status":"affected"},{"version":"19.2.32","status":"affected"},{"version":"20.3.2_925","status":"affected"},{"version":"20.3.2.1","status":"affected"},{"version":"20.3.2.1_927","status":"affected"},{"version":"18.4.6","status":"affected"},{"version":"20.1.2_937","status":"affected"},{"version":"20.4.1","status":"affected"},{"version":"20.3.2_928","status":"affected"},{"version":"20.3.2_929","status":"affected"},{"version":"20.4.1.0.1","status":"affected"},{"version":"20.3.2.1_930","status":"affected"},{"version":"19.2.4","status":"affected"},{"version":"20.5.0.1.1","status":"affected"},{"version":"20.4.1.1","status":"affected"},{"version":"20.3.3","status":"affected"},{"version":"19.2.4.0.1","status":"affected"},{"version":"20.3.2_937","status":"affected"},{"version":"20.3.3.1","status":"affected"},{"version":"20.5.1","status":"affected"},{"version":"20.1.3","status":"affected"},{"version":"20.3.3.0.4","status":"affected"},{"version":"20.3.3.1.2","status":"affected"},{"version":"20.3.3.1.1","status":"affected"},{"version":"20.4.1.2","status":"affected"},{"version":"20.3.3.0.2","status":"affected"},{"version":"20.4.1.1.5","status":"affected"},{"version":"20.4.1.0.01","status":"affected"},{"version":"20.4.1.0.02","status":"affected"},{"version":"20.3.3.1.7","status":"affected"},{"version":"20.3.3.1.5","status":"affected"},{"version":"20.5.1.0.1","status":"affected"},{"version":"20.3.3.1.10","status":"affected"},{"version":"20.3.3.0.8","status":"affected"},{"version":"20.4.2","status":"affected"},{"version":"20.4.2.0.1","status":"affected"},{"version":"20.3.4","status":"affected"},{"version":"20.3.3.0.14","status":"affected"},{"version":"19.2.4.0.8","status":"affected"},{"version":"19.2.4.0.9","status":"affected"},{"version":"20.3.4.0.1","status":"affected"},{"version":"20.3.2.0.5","status":"affected"},{"version":"20.6.1","status":"affected"},{"version":"20.5.1.0.2","status":"affected"},{"version":"20.3.3.0.17","status":"affected"},{"version":"20.6.1.1","status":"affected"},{"version":"20.6.0.18.3","status":"affected"},{"version":"20.3.2.0.6","status":"affected"},{"version":"20.6.0.18.4","status":"affected"},{"version":"20.4.2.0.2","status":"affected"},{"version":"20.3.3.0.16","status":"affected"},{"version":"20.3.4.0.5","status":"affected"},{"version":"20.6.1.0.1","status":"affected"},{"version":"20.3.4.0.6","status":"affected"},{"version":"20.6.2","status":"affected"},{"version":"20.7.1EFT2","status":"affected"},{"version":"20.3.4.0.9","status":"affected"},{"version":"20.3.4.0.11","status":"affected"},{"version":"20.4.2.0.4","status":"affected"},{"version":"20.3.3.0.18","status":"affected"},{"version":"20.7.1","status":"affected"},{"version":"20.6.2.1","status":"affected"},{"version":"20.3.4.1","status":"affected"},{"version":"20.5.1.1","status":"affected"},{"version":"20.4.2.1","status":"affected"},{"version":"20.4.2.1.1","status":"affected"},{"version":"20.3.4.1.1","status":"affected"},{"version":"20.3.813","status":"affected"},{"version":"20.3.4.0.19","status":"affected"},{"version":"20.4.2.2.1","status":"affected"},{"version":"20.5.1.2","status":"affected"},{"version":"20.3.4.2","status":"affected"},{"version":"20.3.814","status":"affected"},{"version":"20.4.2.2","status":"affected"},{"version":"20.6.2.2","status":"affected"},{"version":"20.3.4.2.1","status":"affected"},{"version":"20.7.1.1","status":"affected"},{"version":"20.3.4.1.2","status":"affected"},{"version":"20.6.2.2.2","status":"affected"},{"version":"20.3.4.0.20","status":"affected"},{"version":"20.6.2.2.3","status":"affected"},{"version":"20.4.2.2.2","status":"affected"},{"version":"20.3.5","status":"affected"},{"version":"20.6.2.0.4","status":"affected"},{"version":"20.4.2.2.3","status":"affected"},{"version":"20.3.4.0.24","status":"affected"},{"version":"20.6.2.2.7","status":"affected"},{"version":"20.6.3","status":"affected"},{"version":"20.3.4.2.2","status":"affected"},{"version":"20.4.2.2.4","status":"affected"},{"version":"20.7.1.0.2","status":"affected"},{"version":"20.8.1","status":"affected"},{"version":"20.3.5.0.8","status":"affected"},{"version":"20.3.5.0.9","status":"affected"},{"version":"20.4.2.2.8","status":"affected"},{"version":"20.3.5.0.7","status":"affected"},{"version":"20.6.3.0.7","status":"affected"},{"version":"20.6.3.0.5","status":"affected"},{"version":"20.6.3.0.10","status":"affected"},{"version":"20.6.3.0.2","status":"affected"},{"version":"20.7.2","status":"affected"},{"version":"20.9.1EFT2","status":"affected"},{"version":"20.6.3.0.11","status":"affected"},{"version":"20.6.3.1","status":"affected"},{"version":"20.6.3.0.14","status":"affected"},{"version":"20.6.4","status":"affected"},{"version":"20.9.1","status":"affected"},{"version":"20.6.3.0.19","status":"affected"},{"version":"20.6.3.0.18","status":"affected"},{"version":"20.3.6","status":"affected"},{"version":"20.9.1.1","status":"affected"},{"version":"20.6.3.0.23","status":"affected"},{"version":"20.6.4.0.4","status":"affected"},{"version":"20.6.3.0.25","status":"affected"},{"version":"20.6.5","status":"affected"},{"version":"20.6.3.0.27","status":"affected"},{"version":"20.9.2","status":"affected"},{"version":"20.9.2.1","status":"affected"},{"version":"20.6.3.0.29","status":"affected"},{"version":"20.6.3.0.31","status":"affected"},{"version":"20.6.3.0.32","status":"affected"},{"version":"20.10.1","status":"affected"},{"version":"20.6.3.0.33","status":"affected"},{"version":"20.9.2.0.01","status":"affected"},{"version":"20.9.1_LI_Images","status":"affected"},{"version":"20.10.1_LI_Images","status":"affected"},{"version":"20.9.2_LI_Images","status":"affected"},{"version":"20.3.7","status":"affected"},{"version":"20.9.3","status":"affected"},{"version":"20.6.5.1","status":"affected"},{"version":"20.11.1","status":"affected"},{"version":"20.11.1_LI_Images","status":"affected"},{"version":"20.9.3_LI_ Images","status":"affected"},{"version":"20.6.3.1.1","status":"affected"},{"version":"20.9.3.0.2","status":"affected"},{"version":"20.6.5.1.2","status":"affected"},{"version":"20.9.3.0.3","status":"affected"},{"version":"20.4.2.3","status":"affected"},{"version":"20.6.3.2","status":"affected"},{"version":"20.6.4.1","status":"affected"},{"version":"20.6.3.0.38","status":"affected"},{"version":"20.6.3.0.39","status":"affected"},{"version":"20.3.5.1","status":"affected"},{"version":"20.3.4.3","status":"affected"},{"version":"20.9.3.1","status":"affected"},{"version":"20.3.3.2","status":"affected"},{"version":"20.6.5.2","status":"affected"},{"version":"20.3.7.1","status":"affected"},{"version":"20.10.1.1","status":"affected"},{"version":"20.6.5.2.1","status":"affected"},{"version":"20.3.4.0.25","status":"affected"},{"version":"20.6.2.2.4","status":"affected"},{"version":"20.6.1.2","status":"affected"},{"version":"20.11.1.1","status":"affected"},{"version":"20.9.3.0.5","status":"affected"},{"version":"20.3.4.0.26","status":"affected"},{"version":"20.6.5.1.3","status":"affected"},{"version":"20.6.3.0.40","status":"affected"},{"version":"20.1.3.1","status":"affected"},{"version":"20.9.2.2","status":"affected"},{"version":"20.6.5.2.3","status":"affected"},{"version":"20.6.5.1.4","status":"affected"},{"version":"20.6.5.3","status":"affected"},{"version":"20.6.3.0.41","status":"affected"},{"version":"20.9.3.0.7","status":"affected"},{"version":"20.6.5.1.5","status":"affected"},{"version":"20.9.3.0.4","status":"affected"},{"version":"20.6.4.0.19","status":"affected"},{"version":"20.6.5.1.6","status":"affected"},{"version":"20.9.3.0.8","status":"affected"},{"version":"20.6.3.3","status":"affected"},{"version":"20.3.7.2","status":"affected"},{"version":"20.6.5.4","status":"affected"},{"version":"20.6.5.1.7","status":"affected"},{"version":"20.9.3.0.12","status":"affected"},{"version":"20.6.4.2","status":"affected"},{"version":"20.6.5.5","status":"affected"},{"version":"20.9.3.2","status":"affected"},{"version":"20.11.1.2","status":"affected"},{"version":"20.6.3.4","status":"affected"},{"version":"20.10.1.2","status":"affected"},{"version":"20.6.5.1.9","status":"affected"},{"version":"20.9.3.0.16","status":"affected"},{"version":"20.6.3.0.45","status":"affected"},{"version":"20.6.5.1.10","status":"affected"},{"version":"20.9.3.0.17","status":"affected"},{"version":"20.6.5.2.4","status":"affected"},{"version":"20.6.4.0.21","status":"affected"},{"version":"20.9.3.0.18","status":"affected"},{"version":"20.6.3.0.46","status":"affected"},{"version":"20.6.3.0.47","status":"affected"},{"version":"20.9.2.3","status":"affected"},{"version":"20.9.3.2_LI_Images","status":"affected"},{"version":"20.9.3.0.21","status":"affected"},{"version":"20.9.3.0.20","status":"affected"},{"version":"20.9.4_LI_Images","status":"affected"},{"version":"20.9.4","status":"affected"},{"version":"20.6.5.1.11","status":"affected"},{"version":"20.12.1","status":"affected"},{"version":"20.12.1_LI_Images","status":"affected"},{"version":"20.6.5.1.13","status":"affected"},{"version":"20.9.3.0.23","status":"affected"},{"version":"20.6.5.2.8","status":"affected"},{"version":"20.9.4.1","status":"affected"},{"version":"20.9.4.1_LI_Images","status":"affected"},{"version":"20.9.3.0.25","status":"affected"},{"version":"20.9.3.0.24","status":"affected"},{"version":"20.6.5.1.14","status":"affected"},{"version":"20.3.8","status":"affected"},{"version":"20.6.6","status":"affected"},{"version":"20.9.3.0.26","status":"affected"},{"version":"20.6.3.0.51","status":"affected"},{"version":"20.9.3.0.29","status":"affected"},{"version":"20.12.2","status":"affected"},{"version":"20.12.2_LI_Images","status":"affected"},{"version":"20.6.6.0.1","status":"affected"},{"version":"20.13.1_LI_Images","status":"affected"},{"version":"20.9.4.0.4","status":"affected"},{"version":"20.13.1","status":"affected"},{"version":"20.9.4.1.1","status":"affected"},{"version":"20.9.5","status":"affected"},{"version":"20.9.5_LI_Images","status":"affected"},{"version":"20.12.3_LI_Images","status":"affected"},{"version":"20.12.3","status":"affected"},{"version":"20.9.4.1.3","status":"affected"},{"version":"20.6.7","status":"affected"},{"version":"20.9.5.1","status":"affected"},{"version":"20.9.5.1_LI_Images","status":"affected"},{"version":"20.9.4.1.6","status":"affected"},{"version":"20.14.1","status":"affected"},{"version":"20.14.1_LI_Images","status":"affected"},{"version":"20.9.5.2","status":"affected"},{"version":"20.9.5.2.1","status":"affected"},{"version":"20.9.5.2_LI_Images","status":"affected"},{"version":"20.12.3.1","status":"affected"},{"version":"20.12.4","status":"affected"},{"version":"20.15.1_LI_Images","status":"affected"},{"version":"20.15.1","status":"affected"},{"version":"20.9.5.1.4","status":"affected"},{"version":"20.9.5.2.7","status":"affected"},{"version":"20.9.5.2.13","status":"affected"},{"version":"20.9.6","status":"affected"},{"version":"20.9.6_LI_Images","status":"affected"},{"version":"20.9.5.2.14","status":"affected"},{"version":"20.6.8","status":"affected"},{"version":"20.12.4.0.03","status":"affected"},{"version":"20.16.1","status":"affected"},{"version":"20.16.1_LI_Images","status":"affected"},{"version":"20.12.4_LI_Images","status":"affected"},{"version":"20.9.5.2.16","status":"affected"},{"version":"20.12.4.0.4","status":"affected"},{"version":"20.12.401","status":"affected"},{"version":"20.9.5.3","status":"affected"},{"version":"20.9.5.3_LI_Images","status":"affected"},{"version":"20.12.4.1_LI_Images","status":"affected"},{"version":"20.12.4.1","status":"affected"},{"version":"20.9.5.2.21","status":"affected"},{"version":"20.9.6.0.3","status":"affected"},{"version":"20.12.4.0.6","status":"affected"},{"version":"20.15.2_LI_Images","status":"affected"},{"version":"20.15.2","status":"affected"},{"version":"20.12.4_Monthly_ES5","status":"affected"},{"version":"20.12.5","status":"affected"},{"version":"20.12.5_LI_Images","status":"affected"},{"version":"20.9.7_LI _Images","status":"affected"},{"version":"20.9.7","status":"affected"},{"version":"20.15.3","status":"affected"},{"version":"20.15.3_ LI _Images","status":"affected"},{"version":"20.12.501","status":"affected"},{"version":"20.12.5.1_LI_Images","status":"affected"},{"version":"20.12.5.1","status":"affected"},{"version":"20.12.5.2_LI_Images","status":"affected"},{"version":"20.12.5.2","status":"affected"},{"version":"20.15.3.1","status":"affected"},{"version":"20.15.4_LI_Images","status":"affected"},{"version":"20.15.4","status":"affected"},{"version":"20.9.7.1_LI _Images","status":"affected"},{"version":"20.9.7.1","status":"affected"},{"version":"20.18.1","status":"affected"},{"version":"20.18.1_LI_Images","status":"affected"},{"version":"20.12.6_LI_Images","status":"affected"},{"version":"20.12.6","status":"affected"},{"version":"20.12.5.1.01","status":"affected"},{"version":"26.0.1","status":"affected"},{"version":"20.9.8","status":"affected"},{"version":"20.9.8_LI_Images","status":"affected"},{"version":"20.18.2","status":"affected"},{"version":"20.15.4.1_LI_Images","status":"affected"},{"version":"20.15.4.1","status":"affected"},{"version":"20.18.2_LI_Images","status":"affected"},{"version":"26.1.1","status":"affected"},{"version":"26.1.1_LI_Images","status":"affected"},{"version":"20.18.2.1_LI_Images","status":"affected"},{"version":"20.18.2.1","status":"affected"},{"version":"20.15.4.2_LI_Images","status":"affected"},{"version":"20.15.4.2","status":"affected"},{"version":"20.12.6.1","status":"affected"},{"version":"20.12.6.1_LI_Images","status":"affected"},{"version":"20.12.5.3","status":"affected"},{"version":"20.12.5.3_LI_Images","status":"affected"},{"version":"20.9.8.2_LI_Images","status":"affected"},{"version":"20.9.8.2","status":"affected"},{"version":"20.18.3","status":"affected"},{"version":"20.18.3_LI_Images","status":"affected"},{"version":"20.15.5","status":"affected"},{"version":"20.15.5_LI_Images","status":"affected"},{"version":"20.12.7","status":"affected"},{"version":"20.12.7_LI_Images","status":"affected"},{"version":"20.9.9","status":"affected"},{"version":"20.9.9_LI_Images","status":"affected"},{"version":"20.18.2.2","status":"affected"},{"version":"20.18.2.2_LI_Images","status":"affected"},{"version":"20.12.5.4","status":"affected"},{"version":"20.12.5.4_LI_ Images","status":"affected"},{"version":"20.12.7.1_LI_Images","status":"affected"},{"version":"20.12.6.2_LI_Images","status":"affected"},{"version":"20.12.7.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-14T18:29:43.192282Z","id":"CVE-2026-20224","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"20.9.9.1","matchCriteriaId":"5021D679-E23A-4D7F-B3B6-D664634A639C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.10","versionEndExcluding":"20.12.5.4","matchCriteriaId":"26022018-2273-4589-BE4F-AD92DA31CB58"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.12.6","versionEndExcluding":"20.12.6.2","matchCriteriaId":"FDA5CA36-86B6-443D-B772-37A5901F3E83"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.13","versionEndExcluding":"20.15.4.4","matchCriteriaId":"32A83687-B363-476B-89EF-B35C82575237"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.15.5","versionEndExcluding":"20.15.5.2","matchCriteriaId":"709D0805-4B76-46A0-82D3-93C89926B389"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"20.16","versionEndExcluding":"20.18.2.2","matchCriteriaId":"BB6A9216-3D47-4B33-B502-72B99859992E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"26.1","versionEndExcluding":"26.1.1.1","matchCriteriaId":"C34C0AB2-3E8E-4B12-BEA2-446F8F248B9A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.7:*:*:*:*:*:*:*","matchCriteriaId":"6A03BCEF-DC25-488D-91D3-0A16F3B872E3"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk","source":"psirt@cisco.com","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2026-9150","sourceIdentifier":"secalert@redhat.com","published":"2026-05-20T23:16:36.010","lastModified":"2026-06-29T17:16:30.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:0.7.33-5.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libsolv-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"0.7.38-2.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libsolv-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"0.7.39-3.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite-capsule:el8/libsolv","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 4 for Cloud Providers","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/a:redhat:rhui:4::el8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-21T14:03:20.850245Z","id":"CVE-2026-9150","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opensuse:libsolv:*:*:*:*:*:*:*:*","versionEndIncluding":"0.7.36","matchCriteriaId":"C5E77B8B-49EC-4357-9246-3B07632AFF19"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*","matchCriteriaId":"87DEB507-5B64-47D7-9A50-3B87FD1E571F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*","matchCriteriaId":"848C92A9-0677-442B-8D52-A448F2019903"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:update_infrastructure:4:*:*:*:*:*:*:*","matchCriteriaId":"E8D92E10-0E79-479F-A963-5657D1BC4E03"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:21333","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28236","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30649","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-9150","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460379","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/openSUSE/libsolv/pull/616","source":"secalert@redhat.com","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2025-70099","sourceIdentifier":"cve@mitre.org","published":"2026-06-01T21:16:24.187","lastModified":"2026-06-29T20:17:31.740","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A NULL pointer dereference in the ext4_dir_en_get_name_len function in include/ext4_dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesystem image with malformed directory entries. During directory iteration, the code may fail to validate the directory entry pointer before accessing the name_len field, resulting in a segmentation fault. This affects versions based on (or equivalent to) the 2016-era codebase (1.0.0)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-02T15:19:41.112738Z","id":"CVE-2025-70099","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://github.com/gkostka/lwext4/issues/89","source":"cve@mitre.org"},{"url":"https://github.com/sigdevel/pocs/blob/main/res/lwext4/1/sig11_2_1_lwext4_ext4_dir_h_126","source":"cve@mitre.org"},{"url":"https://infosec.exchange/@sigdevel/116668939725424227","source":"cve@mitre.org"},{"url":"http://www.openwall.com/lists/oss-security/2026/06/29/4","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/gkostka/lwext4/issues/89","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2025-70100","sourceIdentifier":"cve@mitre.org","published":"2026-06-03T14:16:31.217","lastModified":"2026-06-29T20:17:31.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A divide-by-zero vulnerability in the ext4_block_set_lb_size function in src/ext4_blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount or image processing and leads to a Floating-Point Exception (FPE) under sanitizers or a runtime crash in standard builds due to missing validation of lb_size."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-03T17:33:43.633264Z","id":"CVE-2025-70100","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-369"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gkostka:lwext4:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"70BC7F76-4450-4CC3-8C76-64CBB6EC4740"}]}]}],"references":[{"url":"https://github.com/gkostka/lwext4/issues/90","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch"]},{"url":"https://github.com/sigdevel/pocs/blob/main/res/lwext4/2/sig8_2_lwext4_ext4_blockdev_c_127","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://infosec.exchange/@sigdevel/116668952003072580","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/06/29/5","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/gkostka/lwext4/issues/90","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2025-70101","sourceIdentifier":"cve@mitre.org","published":"2026-06-03T14:16:31.340","lastModified":"2026-06-29T20:17:32.083","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds read in the ext4_ext_binsearch_idx function in src/ext4_extent.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by supplying a specially crafted ext4 filesystem image. The vulnerability occurs due to insufficient validation of extent header fields before performing a binary search over extent index entries, which can result in invalid pointer calculations and an out-of-bounds memory read during extent tree traversal."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-03T17:35:26.349072Z","id":"CVE-2025-70101","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gkostka:lwext4:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"70BC7F76-4450-4CC3-8C76-64CBB6EC4740"}]}]}],"references":[{"url":"https://github.com/gkostka/lwext4/issues/91","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch"]},{"url":"https://github.com/sigdevel/pocs/blob/main/res/lwext4/3/sig11_lwext4_ext4_extent_815","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://infosec.exchange/@sigdevel/116668958927817708","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/06/29/6","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/gkostka/lwext4/issues/91","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2026-41855","sourceIdentifier":"security@vmware.com","published":"2026-06-09T05:16:37.770","lastModified":"2026-06-29T14:41:50.613","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and org.springframework.jms.support.converter.JacksonJsonMessageConverter allow arbitrary class instantiation, which can lead to unauthorized actions via gadget class deserialization.\n\nAffected versions:\nSpring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48."}],"affected":[{"source":"security@vmware.com","affectedData":[{"vendor":"Spring","product":"Spring Framework","defaultStatus":"unaffected","versions":[{"version":"7.0.0","lessThan":"7.0.7.1","versionType":"custom","status":"affected"},{"version":"6.2.0","lessThan":"6.2.18.1","versionType":"custom","status":"affected"},{"version":"6.1.0","lessThan":"6.1.28","versionType":"custom","status":"affected"},{"version":"5.3.0","lessThan":"5.3.49","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@vmware.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T00:00:00+00:00","id":"CVE-2026-41855","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@vmware.com","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3.0","versionEndExcluding":"5.3.49","matchCriteriaId":"9394F974-169E-4FB0-A85B-0114477DE421"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndExcluding":"6.1.28","matchCriteriaId":"CE392CE7-5DA3-4DBE-B22C-27781E204B7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndExcluding":"6.2.18.1","matchCriteriaId":"8D4BC30C-3E08-4A62-992D-4D2274844D54"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.7.1","matchCriteriaId":"569A2EF8-281F-4D8A-A76C-79ED67826B38"}]}]}],"references":[{"url":"https://spring.io/security/cve-2026-41855","source":"security@vmware.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-26142","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:03.087","lastModified":"2026-06-29T15:19:35.997","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Nuance PowerScribe 360 4.0","versions":[{"version":"4.0","lessThan":"7.0.11.49","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.1","versions":[{"version":"4.0.1","lessThan":"7.0.111.68","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.2","versions":[{"version":"4.0.2","lessThan":"7.0.154.18","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.3","versions":[{"version":"4.0.3","lessThan":"7.0.197.10","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.4","versions":[{"version":"4.0.4","lessThan":"7.0.212.10","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.5","versions":[{"version":"4.0.5","lessThan":"7.0.243.19","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.6","versions":[{"version":"4.0.6","lessThan":"7.0.277.28","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.7","versions":[{"version":"4.0.7","lessThan":"7.0.316.12","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.8","versions":[{"version":"4.0.8","lessThan":"7.0.427.15","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe 360 version 4.0.9","versions":[{"version":"4.0.9","lessThan":"7.0.528.24","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.1","versions":[{"version":"2019.1","lessThan":"2019.1.96.6","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.10","versions":[{"version":"2019.10","lessThan":"2019.10.36.14","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.2","versions":[{"version":"2019.2","lessThan":"2019.2.9.11","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.3","versions":[{"version":"2019.3","lessThan":"2019.3.16.21","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.4","versions":[{"version":"2019.4","lessThan":"2019.4.9.17","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.5","versions":[{"version":"2019.5","lessThan":"2019.5.14.40","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.6","versions":[{"version":"2019.6","lessThan":"2019.6.36.40","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.7","versions":[{"version":"2019.7","lessThan":"2019.7.107.26","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.8","versions":[{"version":"2019.8","lessThan":"2019.8.43.19","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Nuance PowerScribe One version 2019.9","versions":[{"version":"2019.9","lessThan":"2019.9.31.23","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"PowerScribe One version 2023.1 SP2 Patch 11","versions":[{"version":"2023.1","lessThan":"2023.2.3054","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"PowerScribe One version 2023.1 SP3 Patch 6","versions":[{"version":"2023.1","lessThan":"2023.3.9072","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T14:25:12.399806Z","id":"CVE-2026-26142","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4505FF36-5D27-40BD-9BB1-F426E1F22108"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.1:*:*:*:*:*:*:*","matchCriteriaId":"A11285B4-4EC6-4BF1-8A1B-47FF97C4FDB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"338738D0-96CD-408B-B782-1C5BA01B3753"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.3:*:*:*:*:*:*:*","matchCriteriaId":"8B5C5313-39F8-4C4C-A789-E64F2AD7D150"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.4:*:*:*:*:*:*:*","matchCriteriaId":"A5E14BBD-F77C-4946-A4C9-143E47299977"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.5:*:*:*:*:*:*:*","matchCriteriaId":"7CF04E38-FD09-4B6B-B5CF-F0F49982CF1C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.6:*:*:*:*:*:*:*","matchCriteriaId":"463A6A94-C936-44B4-B4B6-6C88A93F1D37"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.7:*:*:*:*:*:*:*","matchCriteriaId":"98EC89A0-23EE-4638-A2C3-4C4D917DA9EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.8:*:*:*:*:*:*:*","matchCriteriaId":"67F8EF7B-FE3C-42FE-A00B-40E7CFCDA961"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_360:4.0.9:*:*:*:*:*:*:*","matchCriteriaId":"F5B27622-02CA-4374-91B8-52BED59F92EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.1:*:*:*:*:*:*:*","matchCriteriaId":"62329468-E85C-4A3C-A0BF-8BA11941DED5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.2:*:*:*:*:*:*:*","matchCriteriaId":"3EDC600D-8637-4BAB-AC7D-A9D95B03DAB9"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.3:*:*:*:*:*:*:*","matchCriteriaId":"47AC5A9D-8016-4BDB-9D8F-098CFD93855A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.4:*:*:*:*:*:*:*","matchCriteriaId":"9B6B794A-C467-411D-9468-A7ADDA7D6157"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.5:*:*:*:*:*:*:*","matchCriteriaId":"870B35F1-75F2-4EBB-A4C5-F6C3118BBC25"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.6:*:*:*:*:*:*:*","matchCriteriaId":"548FC39C-8C08-4285-A5FC-0785738C4471"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.7:*:*:*:*:*:*:*","matchCriteriaId":"4F44CAAE-A020-4F81-BF96-48F9D6559A7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.8:*:*:*:*:*:*:*","matchCriteriaId":"EA71CDB3-269C-4EE8-9F46-FD7CC1284B9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.9:*:*:*:*:*:*:*","matchCriteriaId":"F374C80B-0336-4687-879B-1745234B9E37"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2019.10:*:*:*:*:*:*:*","matchCriteriaId":"682143B4-04BA-4C11-AAE8-E687B6BE4688"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2023.1:sp2_patch_11:*:*:*:*:*:*","matchCriteriaId":"75FC9AE7-A491-4C3C-8D23-5E11F0F14265"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:nuance_powerscribe_one:2023.1:sp3_patch_6:*:*:*:*:*:*","matchCriteriaId":"CD88F6EF-23D2-41FF-A1BC-0EEB19CE17FB"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26142","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-34694","sourceIdentifier":"psirt@adobe.com","published":"2026-06-09T18:16:40.023","lastModified":"2026-06-29T14:20:03.990","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"Adobe Experience Manager Forms JEE","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"6.5.24.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T18:39:53.922203Z","id":"CVE-2026-34694","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:*:*:*:*:-:*:*:*","versionEndIncluding":"6.5.24.0","matchCriteriaId":"5898EACB-FA50-4AED-9248-9D4FBFD558D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:6.5:-:*:*:lts:*:*:*","matchCriteriaId":"852C2582-859F-40DB-96CF-E1274CEECC1F"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:experience_manager:6.5:sp1:*:*:lts:*:*:*","matchCriteriaId":"00DDCBAD-1FEF-487F-97BB-481DC02F493A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*","matchCriteriaId":"B5415705-33E5-46D5-8E4D-9EBADC8C5705"},{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/aem-forms/apsb26-57.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47907","sourceIdentifier":"psirt@adobe.com","published":"2026-06-09T20:16:59.803","lastModified":"2026-06-29T14:20:01.523","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to execute arbitrary code. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"Dreamweaver Desktop","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"21.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:59:33.748956Z","id":"CVE-2026-47907","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:dreamweaver:*:*:*:*:*:*:*:*","versionEndExcluding":"21.8","matchCriteriaId":"E01200D1-BCE4-4EBC-A01B-CFBE08B4570C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/dreamweaver/apsb26-62.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47931","sourceIdentifier":"psirt@adobe.com","published":"2026-06-09T21:17:23.050","lastModified":"2026-06-29T17:23:04.503","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. An attacker with high privileges could exploit this vulnerability to execute arbitrary code. Exploitation of this issue does not require user interaction. Scope is changed."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"ColdFusion","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"2025.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.7,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T00:00:00+00:00","id":"CVE-2026-47931","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*","matchCriteriaId":"B02A37FE-5D31-4892-A3E6-156A8FE62D28"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*","matchCriteriaId":"0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update10:*:*:*:*:*:*","matchCriteriaId":"645D1B5F-2DAB-4AB8-A465-AC37FF494F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update11:*:*:*:*:*:*","matchCriteriaId":"ED6D8996-0770-4C9F-BEA5-87EA479D40A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update12:*:*:*:*:*:*","matchCriteriaId":"4836086E-3D4A-4A07-A372-382D385CB490"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update13:*:*:*:*:*:*","matchCriteriaId":"CBC19168-4184-4B59-B9C8-E98844124EED"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update14:*:*:*:*:*:*","matchCriteriaId":"A60DCD92-9A5B-411C-9554-642C91D77FAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update15:*:*:*:*:*:*","matchCriteriaId":"58CC65EF-60A3-4DFA-AA51-E5013F116CEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update16:*:*:*:*:*:*","matchCriteriaId":"2E3EBFB1-4488-4924-A2E2-B7E422D68345"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update17:*:*:*:*:*:*","matchCriteriaId":"A683F9B2-A0DC-4AA0-BE97-9E74FA200AB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update18:*:*:*:*:*:*","matchCriteriaId":"8689F35F-9A81-45D2-B782-DBA12306BA45"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update19:*:*:*:*:*:*","matchCriteriaId":"5FAA5985-4B25-46C5-8064-0713AB251704"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*","matchCriteriaId":"EB88D4FE-5496-4639-BAF2-9F29F24ABF29"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*","matchCriteriaId":"43E0ED98-2C1F-40B8-AF60-FEB1D85619C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*","matchCriteriaId":"76204873-C6E0-4202-8A03-0773270F1802"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*","matchCriteriaId":"C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:*","matchCriteriaId":"E3A83642-BF14-4C37-BD94-FA76AABE8ADC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update7:*:*:*:*:*:*","matchCriteriaId":"A892E1DC-F2C8-4F53-8580-A2D1BEED5A25"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update8:*:*:*:*:*:*","matchCriteriaId":"DB97ADBA-C1A9-4EE0-9509-68CB12358AE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update9:*:*:*:*:*:*","matchCriteriaId":"E17C38F0-9B0F-4433-9CBD-6E3D63EA9BDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:-:*:*:*:*:*:*","matchCriteriaId":"30779417-D4E5-4A01-BE0E-1CE1D134292A"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update1:*:*:*:*:*:*","matchCriteriaId":"80D7FC6A-F264-4CB1-A18D-B091EBA47882"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update2:*:*:*:*:*:*","matchCriteriaId":"E3DA0D20-93BA-4C76-A400-159853CD7277"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update3:*:*:*:*:*:*","matchCriteriaId":"5BAB6F21-61F1-43AB-88BA-553CD9AD6C0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update4:*:*:*:*:*:*","matchCriteriaId":"C85288B9-5D63-49EA-828A-8DB3BB2367F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update5:*:*:*:*:*:*","matchCriteriaId":"3882A011-5A01-48E7-B5E7-5A837B1CE245"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update6:*:*:*:*:*:*","matchCriteriaId":"AACCE621-3380-4144-BA1B-AA26FE96B902"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update7:*:*:*:*:*:*","matchCriteriaId":"EBC62370-3FA2-4AF7-A201-4155D09051F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update8:*:*:*:*:*:*","matchCriteriaId":"D7616F34-9422-4815-806F-4484F68ED2A8"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/coldfusion/apsb26-64.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47937","sourceIdentifier":"psirt@adobe.com","published":"2026-06-09T21:17:23.463","lastModified":"2026-06-29T14:19:57.843","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. An attacker with high privileges could exploit this vulnerability to execute arbitrary code. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"Acrobat Reader","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"26.001.21651","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.1,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:59:22.570188Z","id":"CVE-2026-47937","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*","versionStartIncluding":"15.008.20082","versionEndExcluding":"26.001.21662","matchCriteriaId":"5AE8F879-6880-43E2-9DF0-6B89EA354049"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*","versionStartIncluding":"15.008.20082","versionEndExcluding":"26.001.21662","matchCriteriaId":"DE7F56BF-2ABC-4FF0-BF7A-04DDA99E0C16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*","versionStartIncluding":"24.0.0","versionEndExcluding":"24.001.30383","matchCriteriaId":"9A5E4266-1859-46D6-8E28-88AC405FD6D8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/acrobat/apsb26-63.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-53406","sourceIdentifier":"security@zoom.us","published":"2026-06-12T18:16:35.457","lastModified":"2026-06-29T13:51:01.070","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient Verification of Data Authenticity in Remote Control for Zoom Contact Center for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access."}],"affected":[{"source":"security@zoom.us","affectedData":[{"vendor":"Zoom Communications","product":"Remote Control for Zoom Contact Center","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"0","lessThan":"7.0.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@zoom.us","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T18:01:32.472839Z","id":"CVE-2026-53406","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@zoom.us","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zoom:remote_control:*:*:*:*:*:windows:*:*","versionEndExcluding":"7.0.0","matchCriteriaId":"CF226765-DA3C-4073-803A-5C4E396A7267"}]}]}],"references":[{"url":"https://www.zoom.com/en/trust/security-bulletin/zsb-26009","source":"security@zoom.us","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54231","sourceIdentifier":"secalert@redhat.com","published":"2026-06-13T03:16:21.877","lastModified":"2026-06-29T17:48:06.683","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal output by embedding newline characters in syslog messages, controlling the content that root writes to dump directory files."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"abrt","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"abrt","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"abrt","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-15T21:42:52.155696Z","id":"CVE-2026-54231","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:abrt_project:abrt:*:*:*:*:*:*:*:*","matchCriteriaId":"F703FDE5-C6F0-49AF-A2C1-EB58DFF437FA"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:43:*:*:*:*:*:*:*","matchCriteriaId":"E1D1BBE5-0886-4D95-9862-16A4C316F70A"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:44:*:*:*:*:*:*:*","matchCriteriaId":"DD1E6B15-C7BF-47E1-8034-501385D7B7DD"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-54231","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2488571","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12398","sourceIdentifier":"secalert@redhat.com","published":"2026-06-16T15:16:36.103","lastModified":"2026-06-29T18:16:36.410","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A command injection vulnerability was found in galaxy_ng. The do_git_checkout() function in the legacy role import API (v1) interpolates unsanitized git ref names (branch/tag names) into shell commands executed via subprocess.run() with shell=True. An authenticated user who controls a git repository can create a branch or tag with shell metacharacters in the name to achieve remote code execution on the pulp worker. The vulnerable endpoint is only reachable when GALAXY_ENABLE_LEGACY_ROLES is set to True, which is not the default configuration."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ansible-automation-platform-24/hub-rhel8","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ansible-automation-platform-25/hub-rhel8","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ansible-automation-platform-26/hub-rhel9","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"ansible-automation-platform-27/hub-rhel9","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"automation-hub","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"python3.11-galaxy-ng","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"python3.12-galaxy-ng","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"python3x-galaxy-ng","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"python-galaxy-ng","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T00:00:00+00:00","id":"CVE-2026-12398","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-12398","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489180","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-48294","sourceIdentifier":"psirt@adobe.com","published":"2026-06-17T10:55:01.660","lastModified":"2026-06-29T17:17:41.400","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Adobe Acrobat PDF Extension (Chrome) versions 26.5.2.2 and earlier are affected by a UXSS-class cross-origin data disclosure vulnerability. An attacker could exploit this vulnerability to gain access to data regarding the victim's session. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"Adobe Acrobat PDF Extension (Chrome)","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"26.5.2.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T20:59:32.500542Z","id":"CVE-2026-48294","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:chrome:*:*","versionEndIncluding":"26.5.2.2","matchCriteriaId":"551B31B9-B230-4FE4-B0C1-0F327D4B29AA"}]}]}],"references":[{"url":"https://chromewebstore.google.com/detail/adobe-acrobat-pdf-edit-co/efaidnbmnnnibpcajpcglclefindmkaj","source":"psirt@adobe.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-1288","sourceIdentifier":"psirt@autodesk.com","published":"2026-06-17T17:16:42.857","lastModified":"2026-06-29T20:03:05.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Autodesk Revit, can force a NULL Pointer Dereference vulnerability. Successful exploitation may cause the application to crash, leading to a denial-of-service condition."}],"affected":[{"source":"psirt@autodesk.com","affectedData":[{"vendor":"Autodesk","product":"Revit","defaultStatus":"unaffected","cpes":["cpe:2.3:a:autodesk:revit:2027.1:*:*:*:*:*:*:*","cpe:2.3:a:autodesk:revit:2026.4.1:*:*:*:*:*:*:*","cpe:2.3:a:autodesk:revit:2025.4.5:*:*:*:*:*:*:*","cpe:2.3:a:autodesk:revit:2024.3.5:*:*:*:*:*:*:*"],"versions":[{"version":"2027.0.0","lessThan":"2027.1.0","versionType":"semver","status":"affected"},{"version":"2026.0.0","lessThan":"2026.4.1","versionType":"semver","status":"affected"},{"version":"2025.0.0","lessThan":"2025.4.5","versionType":"semver","status":"affected"},{"version":"2024.0.0","lessThan":"2024.3.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@autodesk.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:30:34.311655Z","id":"CVE-2026-1288","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@autodesk.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*","versionStartIncluding":"2024","versionEndExcluding":"2024.3.5","matchCriteriaId":"58457E2C-78E7-4FDA-9F0D-240911DEA2E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*","versionStartIncluding":"2025","versionEndExcluding":"2025.4.5","matchCriteriaId":"465D5144-9156-4F1E-ABEF-187A94D1F83A"},{"vulnerable":true,"criteria":"cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*","versionStartIncluding":"2026","versionEndExcluding":"2026.4.1","matchCriteriaId":"8B16EBE6-41CE-4DD1-8915-CBCB3635554D"},{"vulnerable":true,"criteria":"cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*","versionStartIncluding":"2027","versionEndExcluding":"2027.1","matchCriteriaId":"D869F549-A639-48CB-8F4D-DCF3B92D1291"}]}]}],"references":[{"url":"https://www.autodesk.com/products/autodesk-access/overview","source":"psirt@autodesk.com","tags":["Product"]},{"url":"https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0007","source":"psirt@autodesk.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12047","sourceIdentifier":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","published":"2026-06-19T00:16:47.040","lastModified":"2026-06-29T15:18:08.910","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"HTML injection in pgAdmin 4's cloud deployment module. The verify_credentials, deploy, regions, and update-server endpoints under /rds/, /azure/, /google/, and the top-level /cloud/ blueprint propagated AWS / Azure / Google SDK exception text — and the related file-resolution and database-commit exception text — into the JSON response body (the info and errormsg fields) without HTML-encoding. The Cloud Wizard frontend rendered these strings through html-react-parser, so an attacker-influenced exception message embedded structural HTML directly into the wizard's DOM.\n\nThe reported entry point is /rds/verify_credentials/. An authenticated pgAdmin user submits a crafted access_key whose value contains an <iframe/src=...> payload; AWS STS rejects the credential with an IncompleteSignature exception whose text quotes the access_key verbatim; the pgAdmin backend forwards that text into the JSON info field; the Cloud Wizard's FormFooterMessage parses it as HTML. The browser fetches the iframe's src from an attacker-controlled host, and JavaScript executing inside the cross-origin iframe writes to parent.location, redirecting the victim's pgAdmin tab. Because the injection renders inside pgAdmin's own interface, X-Frame-Options and Content-Security-Policy frame-ancestors do not mitigate it. Baseline impact is self-targeted (the same user who supplied the payload sees the injection); escalation against other authenticated users requires an additional cross-site request-forgery primitive capable of submitting the malformed credential request with a valid X-pgA-CSRFToken in the victim's browser context.\n\nThe same unsanitised-error-into-JSON pattern was present across multiple sibling endpoints — Azure's check_cluster_name_availability, every Google endpoint that surfaces SDK errors (verification_ack, projects, regions, instance_types, database_versions, the verify_credentials path-resolution branches), the central /deploy endpoint that bubbles str(e) from deploy_on_rds / deploy_on_azure / deploy_on_google, and update_cloud_server which surfaces the str(e) from a failing db.session.commit — all of which are now covered.\n\nFix HTML-escapes every external/SDK exception string at the endpoint sink via a new shared sanitize_external_text helper (HTML escape with control-character strip), promoted out of the psycopg3 driver into web/pgadmin/utils/text_sanitize.py. The Cloud Wizard frontend additionally renders its FormFooterMessage in plain-text mode for backend-derived strings, so the value is never parsed as HTML even if a future sink forgets the escape.\n\nThis issue affects pgAdmin 4: from 6.6 before 9.16."}],"affected":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","affectedData":[{"vendor":"pgadmin.org","product":"pgAdmin 4","defaultStatus":"unaffected","modules":["Cloud Deployment","Cloud RDS","Cloud Azure","Cloud Google"],"programFiles":["https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/misc/cloud/__init__.py","https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/misc/cloud/rds/__init__.py","https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/misc/cloud/azure/__init__.py","https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/misc/cloud/google/__init__.py","https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/misc/cloud/static/js/CloudWizard.jsx"],"repo":"https://github.com/pgadmin-org/pgadmin4","versions":[{"version":"6.6","lessThan":"9.16","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T19:13:58.685569Z","id":"CVE-2026-12047","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-116"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pgadmin:pgadmin_4:*:*:*:*:*:postgresql:*:*","versionStartIncluding":"6.6","versionEndExcluding":"9.16","matchCriteriaId":"BC047297-CF61-4536-AA24-CBA6439EA155"}]}]}],"references":[{"url":"https://github.com/pgadmin-org/pgadmin4/commit/60d149864b5fdd99675754c7996637737a24fce3","source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","tags":["Patch"]},{"url":"https://github.com/pgadmin-org/pgadmin4/issues/10069","source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2026-12048","sourceIdentifier":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","published":"2026-06-19T00:16:47.200","lastModified":"2026-06-29T15:17:13.730","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server (ErrorResponse messages, including object names quoted back inside relation-does-not-exist errors and inside EXPLAIN Recheck Cond / Exact Heap Blocks fields) was passed verbatim through html-react-parser at every user-facing sink — the notifier toasts, FormFooterMessage / FormInput help and error areas, FormNote, ModalProvider AlertContent and confirmDelete, ToolErrorView, the Explain visualiser's NodeText panel, the SQL editor confirm dialogs, ConfirmSaveContent, PreferencesHelper modal alerts, and SelectThemes helper text. A PostgreSQL server an attacker controls — or any server returning attacker-influenced text such as a table or column name a low-privilege database user can create — could inject arbitrary HTML (including <iframe>) into the pgAdmin DOM the moment the victim's pgAdmin connected to that server or viewed an Explain plan that referenced the crafted object.\n\nThe injected iframe's srcdoc could fetch attacker-served JavaScript and, by writing to parent.location, redirect the victim's top-level pgAdmin browser tab to an attacker-controlled URL. Because the injection originates from inside pgAdmin's own interface, standard anti-clickjacking controls (X-Frame-Options, Content-Security-Policy: frame-ancestors) do not mitigate it. A phishing page rendered inside the legitimate pgAdmin window is indistinguishable from a genuine pgAdmin dialog.\n\nFix combines three complementary layers. (1) DOMPurify sanitisation is wrapped around every html-react-parser call site reachable from notifier, alert, form-error, Explain, and SQL-editor flows. (2) A new plain-text rendering contract — SafeMessage / SafeHtmlMessage components plus Notifier.errorText / alertText / warningText / infoText / successText helpers — is introduced; around fifty callers across browser, tools, dashboard, debugger, misc, llm, preferences, schema diff, and the SQL editor that previously interpolated backend-derived strings are migrated to the plain-text variants. (3) Backend HTML-escape is applied at the post-connection-SQL handler (execute_post_connection_sql) via a new sanitize_external_text helper, so third-party JSON consumers (audit logs, API clients) never receive raw markup either; the Explain plan-info renderer is also patched to _.escape Recheck Cond and Exact Heap Blocks at construction (matching every sibling field), giving defence in depth even before DOMPurify runs.\n\nThis issue affects pgAdmin 4: from 6.0 before 9.16."}],"affected":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","affectedData":[{"vendor":"pgadmin.org","product":"pgAdmin 4","defaultStatus":"unaffected","modules":["Notifier","Form Components","Modal Provider","Explain Visualiser","Driver"],"programFiles":["https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/static/js/components/FormComponents.jsx","https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/static/js/Notifier.jsx","https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/utils/driver/psycopg3/connection.py","https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/tools/erd/static/js/erd_tool/components/Explain/Analysis.jsx"],"repo":"https://github.com/pgadmin-org/pgadmin4","versions":[{"version":"6.0","lessThan":"9.16","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T19:15:27.799712Z","id":"CVE-2026-12048","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-116"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pgadmin:pgadmin_4:*:*:*:*:*:postgresql:*:*","versionStartIncluding":"6.0","versionEndExcluding":"9.16","matchCriteriaId":"E0595842-CDC3-4CF7-B5EA-DF325B7E784A"}]}]}],"references":[{"url":"https://github.com/pgadmin-org/pgadmin4/commit/9e370d3cb67b83b3945f82969c959fad3f926517","source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","tags":["Patch"]},{"url":"https://github.com/pgadmin-org/pgadmin4/issues/10068","source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2026-12049","sourceIdentifier":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","published":"2026-06-19T00:16:47.367","lastModified":"2026-06-29T15:16:21.470","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter without confirming the target pointed back inside pgAdmin, so an authenticated victim who clicked /mfa/validate?next=<external> -- a link typically delivered by phishing -- would be sent to an attacker-controlled host directly out of the trusted auth flow.\n\nThe defect is a trusted-domain redirect, not a privilege bypass: the attacker gains no read/write access to pgAdmin or the victim's database, but the redirect launders the attacker's destination through pgAdmin's URL, which raises the success rate of credential-phishing follow-on against the victim.\n\nFix introduces a same-origin _is_safe_redirect_url helper and gates every MFA redirect that consumes user-supplied 'next' values through it. The helper allows only relative paths and absolute URLs whose scheme is http(s) and whose host matches the current request host; it rejects external hosts in absolute and protocol-relative form, non-http schemes (javascript:, data:, mailto:), userinfo tricks (http://localhost@attacker/), and backslash variants that some browsers normalize to forward slashes. Unsafe targets fall back to the internal browser index. A dedicated regression test exercises each accept/reject category and the original reporter PoC.\n\nThis issue affects pgAdmin 4: from 6.0 before 9.16."}],"affected":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","affectedData":[{"vendor":"pgadmin.org","product":"pgAdmin 4","defaultStatus":"unaffected","modules":["Authentication","Multi-Factor Authentication"],"programFiles":["https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/authenticate/mfa/views.py"],"repo":"https://github.com/pgadmin-org/pgadmin4","versions":[{"version":"6.0","lessThan":"9.16","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T14:39:40.324350Z","id":"CVE-2026-12049","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pgadmin:pgadmin_4:*:*:*:*:*:postgresql:*:*","versionStartIncluding":"6.0","versionEndExcluding":"9.16","matchCriteriaId":"E0595842-CDC3-4CF7-B5EA-DF325B7E784A"}]}]}],"references":[{"url":"https://github.com/pgadmin-org/pgadmin4/commit/fff6a481854b07822c2b54e8181e6a9076d204cd","source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","tags":["Patch"]},{"url":"https://github.com/pgadmin-org/pgadmin4/issues/10028","source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2026-12050","sourceIdentifier":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","published":"2026-06-19T00:16:47.517","lastModified":"2026-06-29T15:15:52.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection in pgAdmin 4's named restore point endpoint (POST /browser/server/restore_point/{gid}/{sid}). The user-supplied 'value' field was interpolated directly into the SQL string with str.format() instead of being passed as a bound parameter, allowing an authenticated pgAdmin user with a connected PostgreSQL session to inject additional statements through that endpoint.\n\nThe injected SQL executes under the database role the user is already authenticated as. The defect does not cross a privilege boundary -- the user already has direct SQL access to that role through the Query Tool -- so the attacker gains no capability beyond what their database role already grants them. The marginal impact accounts for the fact that the injection path is not the documented SQL-execution interface, so a deployment that gates the Query Tool at the application layer could see SQL executed through a path it did not anticipate.\n\nFix passes the restore point name as a bound parameter and schema-qualifies the function call as pg_catalog.pg_create_restore_point so a non-default search_path on the connection cannot redirect the call to a shadow definition. A regression test asserts the value arrives as a bound parameter and not spliced into the SQL string.\n\nThis issue affects pgAdmin 4: from 1.0 before 9.16."}],"affected":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","affectedData":[{"vendor":"pgadmin.org","product":"pgAdmin 4","defaultStatus":"unaffected","modules":["Server Node","Named Restore Point"],"programFiles":["https://github.com/pgadmin-org/pgadmin4/blob/master/web/pgadmin/browser/server_groups/servers/__init__.py"],"repo":"https://github.com/pgadmin-org/pgadmin4","versions":[{"version":"1.0","lessThan":"9.16","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T19:10:34.711170Z","id":"CVE-2026-12050","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pgadmin:pgadmin_4:*:*:*:*:*:postgresql:*:*","versionStartIncluding":"1.0","versionEndExcluding":"9.16","matchCriteriaId":"6C00C802-CCFB-4A7B-835E-FBE61FFC87FD"}]}]}],"references":[{"url":"https://github.com/pgadmin-org/pgadmin4/commit/3379c39865d3ab6f52afce97361fb16bcdd77cd2","source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","tags":["Patch"]},{"url":"https://github.com/pgadmin-org/pgadmin4/issues/10026","source":"f86ef6dc-4d3a-42ad-8f28-e6d5547a5007","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2026-27878","sourceIdentifier":"security@grafana.com","published":"2026-06-19T19:16:34.897","lastModified":"2026-06-29T19:59:27.563","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A TraceQL query in Grafana Tempo with a large exemplars hint value can cause the Tempo instance to allocate an excessive amount of memory, resulting in an out-of-memory crash. This could allow an authenticated user to trigger a denial of service against the Tempo service."}],"affected":[{"source":"security@grafana.com","affectedData":[{"vendor":"Grafana","product":"Enterprise Traces (GET)","defaultStatus":"unaffected","versions":[{"version":"2.6.1","lessThan":"2.8.8","versionType":"semver","status":"affected"}]},{"vendor":"Grafana","product":"Tempo","defaultStatus":"unaffected","versions":[{"version":"2.6.0","lessThan":"2.10.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@grafana.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T17:09:51.414285Z","id":"CVE-2026-27878","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:grafana:tempo:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.0","versionEndExcluding":"2.8.4","matchCriteriaId":"1A53B8B4-874B-40F7-83F6-A36965D9B2C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:grafana:tempo:*:*:*:*:*:*:*:*","versionStartIncluding":"2.9.0","versionEndExcluding":"2.9.2","matchCriteriaId":"4F731ED3-2882-414C-B5FE-679B76A751A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:grafana:tempo:*:*:*:*:*:*:*:*","versionStartIncluding":"2.10.0","versionEndExcluding":"2.10.2","matchCriteriaId":"A90B7E68-DFF4-449F-A145-C1ABB0184B2E"}]}]}],"references":[{"url":"https://grafana.com/security/security-advisories/cve-2026-27878","source":"security@grafana.com","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2026-48584","sourceIdentifier":"secure@microsoft.com","published":"2026-06-19T21:17:01.060","lastModified":"2026-06-29T15:13:56.803","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"secure@microsoft.com","tags":["exclusively-hosted-service"]}],"descriptions":[{"lang":"en","value":"Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Azure Synapse","versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-24T00:00:00+00:00","id":"CVE-2026-48584","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-250"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:azure_synapse:-:*:*:*:*:*:*:*","matchCriteriaId":"A4AE1B8F-819C-41A4-AEFA-7A94CBDCCFF3"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48584","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50519","sourceIdentifier":"secure@microsoft.com","published":"2026-06-19T21:17:02.260","lastModified":"2026-06-29T15:13:21.843","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"GitHub Copilot Chat","versions":[{"version":"1.0.0","lessThan":"1.123.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T17:42:31.922172Z","id":"CVE-2026-50519","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1188"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1188"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:github_copilot_chat:*:*:*:*:*:visual_studio_code:*:*","versionEndExcluding":"1.123.2","matchCriteriaId":"A15A9D4F-47A8-4F76-8A30-FCA702917A1B"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50519","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-4610","sourceIdentifier":"security@wordfence.com","published":"2026-06-23T13:16:41.997","lastModified":"2026-06-29T20:17:38.360","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'pm_author_message' parameter in the pm_send_message_to_author function in all versions up to, and including, 5.9.9.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability was partially patched in version 5.9.8.5."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"metagauss","product":"ProfileGrid – User Profiles, Groups and Communities","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"5.9.9.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:13:19.158826Z","id":"CVE-2026-4610","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/trunk/includes/class-profile-magic-request.php#L6790","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/trunk/includes/class-profile-magic-request.php#L6802","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/trunk/public/class-profile-magic-public.php#L3211","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/trunk/public/class-profile-magic-public.php#L3216","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset/3538301/","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/34c64a8b-32ad-4349-b593-933fc057d1a6?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-49859","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T18:18:03.927","lastModified":"2026-06-29T14:38:17.253","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when fetch() was called, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresses that hostname resolved to. An attacker-controlled script could use a specially crafted domain name that passes the hostname check yet resolves to a denied IP, bypassing the network restriction entirely. This vulnerability is fixed in 2.8.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"denoland","product":"deno","versions":[{"version":"< 2.8.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":5.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.0,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-24T14:22:56.623204Z","id":"CVE-2026-49859","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-693"},{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:deno:deno:*:*:*:*:*:*:*:*","versionEndExcluding":"2.8.1","matchCriteriaId":"91F453C2-277C-4350-8234-700B47587E97"}]}]}],"references":[{"url":"https://github.com/denoland/deno/security/advisories/GHSA-cpgj-f7g3-2pp2","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-49860","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T18:18:04.053","lastModified":"2026-06-29T14:37:08.490","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresses that hostname resolved to. An attacker-controlled script could use a specially crafted domain name that passes the hostname check yet resolves to a denied IP, bypassing the network restriction entirely. This vulnerability is fixed in 2.8.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"denoland","product":"deno","versions":[{"version":"< 2.8.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":5.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.0,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T17:37:00.680109Z","id":"CVE-2026-49860","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:deno:deno:*:*:*:*:*:*:*:*","versionEndExcluding":"2.8.1","matchCriteriaId":"91F453C2-277C-4350-8234-700B47587E97"}]}]}],"references":[{"url":"https://github.com/denoland/deno/security/advisories/GHSA-83pc-3rw9-qpwj","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-49983","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T18:18:04.190","lastModified":"2026-06-29T13:35:34.613","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, environment access is gated by the env permission. You can deny it with --deny-env, or restrict it to a specific allowlist with --allow-env=FOO,BAR. The expectation is that a program running without env permission cannot change process.env. process.loadEnvFile() (the Node-compatible API for loading variables from a .env file) does not honor this. It only checks that the program has read permission for the dotenv file, then writes every key in that file into the process environment — even when env access is denied. In effect, --allow-read plus a writable or attacker-controlled .env file is enough to defeat --deny-env. This vulnerability is fixed in 2.8.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"denoland","product":"deno","versions":[{"version":"< 2.8.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":5.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.0,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T17:54:45.354967Z","id":"CVE-2026-49983","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:deno:deno:*:*:*:*:*:*:*:*","versionStartIncluding":"2.3.0","versionEndExcluding":"2.8.1","matchCriteriaId":"4AB91EA0-218F-426D-AD0E-A8B3A2F0212E"}]}]}],"references":[{"url":"https://github.com/denoland/deno/security/advisories/GHSA-4c8g-jvcx-v4hv","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-52844","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T18:18:05.137","lastModified":"2026-06-29T19:08:19.980","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, on Windows, Caddy path matchers treat /private\\secret.txt as outside /private/*, but file_server later resolves the same request path as private\\secret.txt on disk. An unauthenticated remote client can bypass Caddy path-scoped auth/deny routes protecting /private/*. This vulnerability is fixed in 2.11.4."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"caddyserver","product":"caddy","versions":[{"version":"< 2.11.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T20:05:58.401415Z","id":"CVE-2026-52844","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-284"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","versionEndExcluding":"2.11.4","matchCriteriaId":"6CC2FFA3-3F35-452A-A0B6-C1B66C0C73E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://github.com/caddyserver/caddy/security/advisories/GHSA-qrp7-cvwr-j2c6","source":"security-advisories@github.com","tags":["Third Party Advisory","Exploit"]},{"url":"https://github.com/caddyserver/caddy/security/advisories/GHSA-qrp7-cvwr-j2c6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory","Exploit"]}]}},{"cve":{"id":"CVE-2026-52846","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T18:18:05.400","lastModified":"2026-06-29T19:08:52.543","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, Caddy’s stripHTML template function cannot reliably remove all HTML tags from input strings. Certain malformed HTML, such as <<>img src=x onerror=alert()>, can bypass the tag-stripping logic, potentially leaving dangerous content in the output if it is later rendered as HTML. This may allow client-side XSS in cases where untrusted strings are rendered unsafely. This vulnerability is fixed in 2.11.4."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"caddyserver","product":"caddy","versions":[{"version":"< 2.11.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T12:42:12.083385Z","id":"CVE-2026-52846","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-116"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","versionEndExcluding":"2.11.4","matchCriteriaId":"6CC2FFA3-3F35-452A-A0B6-C1B66C0C73E6"}]}]}],"references":[{"url":"https://github.com/caddyserver/caddy/security/advisories/GHSA-vcc4-2c75-vc9v","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/caddyserver/caddy/security/advisories/GHSA-vcc4-2c75-vc9v","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-54316","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T18:18:08.623","lastModified":"2026-06-29T19:09:14.707","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Claude Code is an agentic coding tool.  From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including attacker-controlled model repositories—was auto-approved without a permission prompt or being subject to --allowedTools restrictions. An attacker able to inject untrusted content into a Claude Code context could direct it to issue WebFetch requests against attacker-controlled repository files (e.g. /resolve/main/config.json), which HuggingFace counts as downloads server-side, creating a covert out-of-band channel for encoding and exfiltrating data Claude can access such as files, environment variables, or command output. Reliably exploiting this required the ability to add untrusted content into a Claude Code context window. This vulnerability is fixed in 2.1.163."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"anthropics","product":"claude-code","versions":[{"version":">= 0.2.54, < 2.1.163","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T17:37:32.464559Z","id":"CVE-2026-54316","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-183"},{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-515"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:anthropic:claude_code:*:*:*:*:*:node.js:*:*","versionStartIncluding":"0.2.54","versionEndExcluding":"2.1.163","matchCriteriaId":"D5FF7E48-C79D-4F3C-867E-8827FA465A1C"}]}]}],"references":[{"url":"https://github.com/anthropics/claude-code/security/advisories/GHSA-fg94-h982-f3mm","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-55517","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T18:18:09.787","lastModified":"2026-06-29T13:27:11.020","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed by the remote server. While handling the WebSocket handshake response, Deno parsed the Sec-WebSocket-Protocol and Sec-WebSocket-Extensions response headers in a way that assumed their bytes were always printable ASCII. A response header containing non-visible-ASCII bytes (0x80-0xFF) caused a panic that aborted the entire Deno process. This vulnerability is fixed in 2.7.5."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"denoland","product":"deno","versions":[{"version":"< 2.7.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T17:52:15.311461Z","id":"CVE-2026-55517","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-248"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:deno:deno:*:*:*:*:*:*:*:*","versionEndExcluding":"2.7.5","matchCriteriaId":"D23838A8-D7D0-462F-8B7D-C33526ABD5FB"}]}]}],"references":[{"url":"https://github.com/denoland/deno/security/advisories/GHSA-x2qc-cmh9-f4hf","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57053","sourceIdentifier":"cve@mitre.org","published":"2026-06-23T18:18:10.827","lastModified":"2026-06-29T19:40:25.163","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GNU libidn before 1.44 is prone to out-of-bounds reads of uninitialized memory in the ToUnicode APIs because of mishandling in idna_to_unicode_internal. The affected code is not present in libidn2."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"GNU","product":"libidn","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"1.44","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.4,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":2.5,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T17:40:08.293205Z","id":"CVE-2026-57053","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Primary","description":[{"lang":"en","value":"CWE-1284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libidn:*:*:*:*:*:*:*:*","versionStartIncluding":"0.1.15","versionEndExcluding":"1.44","matchCriteriaId":"118FD87F-26DE-4689-A179-D6A96321851E"}]}]}],"references":[{"url":"https://lists.gnu.org/archive/html/help-libidn/2026-05/msg00000.html","source":"cve@mitre.org","tags":["Exploit","Mailing List"]},{"url":"https://lists.gnu.org/archive/html/help-libidn/2026-06/msg00001.html","source":"cve@mitre.org","tags":["Mailing List"]}]}},{"cve":{"id":"CVE-2026-53753","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T19:17:07.107","lastModified":"2026-06-29T16:57:39.320","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST validator that only blocks attributes starting with underscore. Python generator and frame object attributes (gi_frame, f_back, f_builtins) do NOT start with underscore, enabling a complete sandbox escape to achieve arbitrary code execution. The attack requires no authentication (JWT disabled by default) and is triggered via POST /crawl with a crafted extraction schema. This vulnerability is fixed in 0.8.7."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"unclecode","product":"crawl4ai","versions":[{"version":"< 0.8.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T18:55:14.019870Z","id":"CVE-2026-53753","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"},{"lang":"en","value":"CWE-913"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kidocode:crawl4ai:*:*:*:*:*:*:*:*","versionEndExcluding":"0.8.7","matchCriteriaId":"5C153B68-AA3F-4755-BA13-E98AAB321695"}]}]}],"references":[{"url":"https://github.com/unclecode/crawl4ai/security/advisories/GHSA-qxjp-w3pj-48m7","source":"security-advisories@github.com","tags":["Third Party Advisory","Mitigation"]},{"url":"https://github.com/unclecode/crawl4ai/security/advisories/GHSA-qxjp-w3pj-48m7","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-53754","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T19:17:07.303","lastModified":"2026-06-29T16:53:02.127","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.8, the Docker API server's SSRF protection (validate_webhook_url / validate_url_destination in deploy/docker/utils.py) used an explicit IPv4/IPv6 CIDR blocklist that missed several address families. An attacker could reach internal services and cloud metadata endpoints (e.g. 169.254.169.254) despite the filter by encoding an internal IPv4 address inside an IPv6 transition form, or by using the IPv6 unspecified address. Because the Docker API is unauthenticated by default (jwt_enabled: false), no credentials are required. This vulnerability is fixed in 0.8.8."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"unclecode","product":"crawl4ai","versions":[{"version":"< 0.8.8","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T18:54:04.711472Z","id":"CVE-2026-53754","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kidocode:crawl4ai:*:*:*:*:*:*:*:*","versionEndExcluding":"0.8.8","matchCriteriaId":"90CC6E6D-1EFB-46A5-990C-F095A97185EE"}]}]}],"references":[{"url":"https://github.com/unclecode/crawl4ai/security/advisories/GHSA-4qqr-vv2q-cmr5","source":"security-advisories@github.com","tags":["Third Party Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-53755","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T19:17:07.477","lastModified":"2026-06-29T16:50:16.707","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.9, the Docker API server applied its SSRF destination check to the crawl target URL only, not to the proxy address. An unauthenticated request could supply a proxy pointing at an internal IP and route the browser through it, reaching internal services and cloud-metadata endpoints, while using a perfectly valid crawl URL. The Docker API is unauthenticated by default. /crawl, /crawl/stream, and /crawl/job accept a browser_config (and crawler_config). The following all feed Chromium's egress and were unchecked: browser_config.proxy_config.server, browser_config.proxy (deprecated field), crawler_config.proxy_config.server, and --proxy-server / --proxy-pac-url / --proxy-bypass-list / --host-resolver-rules flags in browser_config.extra_args. This vulnerability is fixed in 0.8.9."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"unclecode","product":"crawl4ai","versions":[{"version":"< 0.8.9","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T15:01:20.774758Z","id":"CVE-2026-53755","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kidocode:crawl4ai:*:*:*:*:*:*:*:*","versionEndExcluding":"0.8.9","matchCriteriaId":"788D4958-2D0D-43F1-BFC2-751DAC09C342"}]}]}],"references":[{"url":"https://github.com/unclecode/crawl4ai/security/advisories/GHSA-6qhc-x826-342c","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-54515","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T21:17:02.597","lastModified":"2026-06-29T13:38:59.057","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.8.0 until 2.18.9, 2.21.5, and 3.1.4, in BeanDeserializerBase.createContextual(), per-property @JsonIgnoreProperties exclusions are applied by _handleByNameInclusion(), producing a contextual deserializer whose BeanPropertyMap has the ignored properties removed. The subsequent per-property case-insensitivity block (triggered by @JsonFormat(ACCEPT_CASE_INSENSITIVE_PROPERTIES)) rebuilds from this._beanProperties (the original, unfiltered map) instead of contextual._beanProperties, then overwrites the filtered map — restoring every property _handleByNameInclusion had just removed. The ignored property becomes writable again. This vulnerability is fixed in 2.18.9, 2.21.5, and 3.1.4."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FasterXML","product":"jackson-databind","versions":[{"version":">= 2.8.0, < 2.18.9","status":"affected"},{"version":">= 2.19.0, < 2.21.5","status":"affected"},{"version":">= 3.1.0, < 3.1.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-24T12:21:39.803339Z","id":"CVE-2026-54515","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-915"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*","versionStartIncluding":"2.8.0","versionEndExcluding":"2.18.9","matchCriteriaId":"A70ABD6F-255D-4445-BED6-B3D2BA9CC33C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*","versionStartIncluding":"2.19.0","versionEndExcluding":"2.21.5","matchCriteriaId":"23684E89-ED14-4060-AD06-E70E32EC3C4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.1.4","matchCriteriaId":"5C0F99DE-1DB7-4873-83F9-6CEF8E91F33C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fasterxml:jackson-databind:2.22.0:*:*:*:*:*:*:*","matchCriteriaId":"E32613B1-1FE9-427D-8D4C-A450874E4D0A"}]}]}],"references":[{"url":"https://github.com/FasterXML/jackson-databind/commit/0e1b0b211f7a53baa62ba2f4c9bd006c7bf4d5fa","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/FasterXML/jackson-databind/issues/5962","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/FasterXML/jackson-databind/issues/5964","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/FasterXML/jackson-databind/security/advisories/GHSA-5jmj-h7xm-6q6v","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-12164","sourceIdentifier":"df4dee71-de3a-4139-9588-11b62fe6c0ff","published":"2026-06-23T23:16:49.297","lastModified":"2026-06-29T16:21:12.553","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission relationships."}],"affected":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","affectedData":[{"vendor":"Fortra","product":"File Integrity Monitoring (FIM)","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"9.4.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-24T13:15:29.228755Z","id":"CVE-2026-12164","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortra:file_integrity_monitoring:*:*:*:*:*:*:*:*","versionEndExcluding":"9.4.0","matchCriteriaId":"D6A6BB06-2705-44CA-87D3-277FE156431E"}]}]}],"references":[{"url":"https://www.fortra.com/security/advisories/product-security/fi-2026-010","source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-11370","sourceIdentifier":"security@wordfence.com","published":"2026-06-24T07:16:26.157","lastModified":"2026-06-29T20:17:32.357","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The WP Meta SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.5.18 via the 'new_link' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. The HTTP response status from outbound requests is reflected back in the AJAX JSON response as status_code, providing an enumeration oracle usable for probing internal hosts and cloud metadata services."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"joomunited","product":"WP Meta SEO","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.5.18","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:13:47.844862Z","id":"CVE-2026-11370","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/wp-meta-seo/tags/4.5.18/inc/class.metaseo-admin.php#L4783","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-meta-seo/tags/4.5.18/inc/class.metaseo-broken-link-table.php#L1138","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-meta-seo/tags/4.5.18/inc/class.metaseo-broken-link-table.php#L2013","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2a6e37c1-aaac-4642-bace-234bbc4f6c38?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12417","sourceIdentifier":"security@wordfence.com","published":"2026-06-24T07:16:26.890","lastModified":"2026-06-29T20:17:32.713","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Validation leading to Account Takeover in versions up to, and including, 1.0.0. This is due to the `pravel_change_password()` AJAX handler — registered via `wp_ajax_nopriv_pravel_change_password` and therefore accessible to unauthenticated users — performing no nonce verification, no capability check, and only a loose equality check between an attacker-supplied `reset_activation_code` POST parameter and the target user's `forgot_email` user meta value; when a user has never initiated a password reset, `get_user_meta()` returns an empty string that trivially satisfies this check against an omitted or empty attacker-supplied code. This makes it possible for unauthenticated attackers to change the password of any WordPress user, including administrators, by sending a crafted POST request to `admin-ajax.php` with `action=pravel_change_password`, `reset_user_id` set to the target account's user ID, and `new_password_custom` set to an attacker-chosen password. Successful exploitation allows the attacker to authenticate with the newly set password and fully take over the targeted account, achieving administrator-level privilege escalation on the affected site."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"pravel","product":"SignUp & SignIn","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:14:09.849697Z","id":"CVE-2026-12417","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-640"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/signup-signin/tags/1.0.0/lib/function.php#L222","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/signup-signin/tags/1.0.0/lib/function.php#L229","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/signup-signin/tags/1.0.0/lib/function.php#L38","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c0a617fc-da3d-4828-b027-44093dd11769?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-8622","sourceIdentifier":"security@wordfence.com","published":"2026-06-24T07:16:27.930","lastModified":"2026-06-29T19:16:43.123","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Image Sizes on Demand plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHP_SELF Server Variable in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. The injected payload only executes in the context of an administrator, as the settings page requires the manage_options capability to render."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"pixelwelt","product":"Image Sizes on Demand","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T18:47:07.330309Z","id":"CVE-2026-8622","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/image-sizes-on-demand/trunk/settings.php#L8","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ebcbb7bf-99fd-4a74-a4d3-eabf9edcadc4?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9183","sourceIdentifier":"security@wordfence.com","published":"2026-06-24T07:16:29.370","lastModified":"2026-06-29T20:17:41.310","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The 24liveblog - live blog tool plugin for WordPress is vulnerable to Exposure of Sensitive Information in versions up to, and including, 2.2. This is due to the lb24_block_enqueue_scripts() function being hooked to enqueue_block_editor_assets and, for any non-administrator user, falling back to loading the administrator-configured site-wide 24liveblog integration secrets (lb24_token, lb24_refresh_token, lb24_uid, lb24_uname) from the options table via get_option() and emitting them through wp_localize_script() as the lb24BlockData JavaScript object. This makes it possible for authenticated attackers, with contributor-level access and above, to extract third-party 24liveblog account credentials (including the API token and refresh token) by simply opening the block editor and inspecting the page source."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"24liveblog","product":"24liveblog – live blog tool","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:05:31.056905Z","id":"CVE-2026-9183","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/24liveblog/trunk/src/init.php#L139","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/24liveblog/trunk/src/init.php#L157","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ceaccdb3-4d98-4463-9db9-a6f1712d6869?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9643","sourceIdentifier":"security@wordfence.com","published":"2026-06-24T07:16:30.093","lastModified":"2026-06-29T20:17:41.527","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQUEST_URI server variable in all versions up to, and including, 4.5.18. When the plugin's `wpmsTemplateRedirect()` hook detects a 404, it concatenates `$_SERVER['HTTP_HOST']` with the raw `$_SERVER['REQUEST_URI']` and inserts that value verbatim into the `wp_wpms_links.link_url` column via `$wpdb->insert()`. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute whenever an administrator views the plugin's 404 & Redirects admin page (`/wp-admin/admin.php?page=metaseo_broken_link`)."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"joomunited","product":"WP Meta SEO","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.5.18","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:07:24.767002Z","id":"CVE-2026-9643","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/wp-meta-seo/tags/4.5.18/inc/class.metaseo-broken-link-table.php#L894","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-meta-seo/tags/4.5.18/wp-meta-seo.php#L1135","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-meta-seo/tags/4.5.18/wp-meta-seo.php#L1171","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?old_path=/wp-meta-seo/tags/4.5.12&new_path=/wp-meta-seo/tags/4.5.13","source":"security@wordfence.com"},{"url":"https://ti.wordfence.io/vulnerabilities/ca91e41d-b728-4eb0-86d5-043813d8c2c1","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/beceb218-34bf-4571-a07b-939abc7ead8e?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11877","sourceIdentifier":"security@opentext.com","published":"2026-06-24T15:16:38.287","lastModified":"2026-06-29T19:28:29.210","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An unauthorized user can modify configuration through API\ncalls that affects the OpenText Access\nManager. This issue affects Access Manager before 5.1.3."}],"affected":[{"source":"security@opentext.com","affectedData":[{"vendor":"OpenText","product":"Access Manager","defaultStatus":"unaffected","versions":[{"version":"5.1","lessThanOrEqual":"5.1.2","versionType":"server","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@opentext.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-24T15:01:47.754068Z","id":"CVE-2026-11877","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@opentext.com","type":"Secondary","description":[{"lang":"en","value":"CWE-648"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:access_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0","versionEndExcluding":"5.1","matchCriteriaId":"8273C574-F6E2-4761-8870-16DEF64258F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:access_manager:5.1:-:*:*:*:*:*:*","matchCriteriaId":"CA7E1BEF-1359-4D9C-9BEB-7A64CB13F700"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:access_manager:5.1:patch_update_2:*:*:*:*:*:*","matchCriteriaId":"78483351-4885-4159-9F7B-EA739DA2108A"}]}]}],"references":[{"url":"https://portal.microfocus.com/s/article/KM000047450","source":"security@opentext.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-11878","sourceIdentifier":"security@opentext.com","published":"2026-06-24T15:16:39.370","lastModified":"2026-06-29T19:28:18.410","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText Access Manager allows Cross-Site Scripting (XSS).\n\nThis issue affects Access Manager: from 5.1 through 5.1.2."}],"affected":[{"source":"security@opentext.com","affectedData":[{"vendor":"OpenText","product":"Access Manager","defaultStatus":"unaffected","versions":[{"version":"5.1","lessThanOrEqual":"5.1.2","versionType":"server","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@opentext.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-24T15:04:47.680943Z","id":"CVE-2026-11878","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@opentext.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:access_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0","versionEndExcluding":"5.1","matchCriteriaId":"8273C574-F6E2-4761-8870-16DEF64258F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:access_manager:5.1:-:*:*:*:*:*:*","matchCriteriaId":"CA7E1BEF-1359-4D9C-9BEB-7A64CB13F700"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:access_manager:5.1:patch_update_2:*:*:*:*:*:*","matchCriteriaId":"78483351-4885-4159-9F7B-EA739DA2108A"}]}]}],"references":[{"url":"https://portal.microfocus.com/s/article/KM000047449","source":"security@opentext.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12760","sourceIdentifier":"f23511db-6c3e-4e32-a477-6aa17d310630","published":"2026-06-24T19:17:08.237","lastModified":"2026-06-29T16:17:25.343","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A denial-of-service (DoS) vulnerability has been identified in Tapo C200 v3 in the network packet handling logic due to improper handling of IPv4 fragmented packets.  An unauthenticated adjacent attacker can send crafted packets to cause excessive resource consumption, leading to instability of the device.Successful exploitation can remotely trigger a temporary denial-of-service condition, causing the camera to become unresponsive and resulting in intermittent loss of video monitoring and recording."}],"affected":[{"source":"f23511db-6c3e-4e32-a477-6aa17d310630","affectedData":[{"vendor":"TP-Link Systems Inc.","product":"Tapo C200 v3","defaultStatus":"unaffected","platforms":["NVMP"],"versions":[{"version":"0","lessThan":"1.4.4 Build 250922","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"f23511db-6c3e-4e32-a477-6aa17d310630","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-24T18:53:30.462879Z","id":"CVE-2026-12760","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f23511db-6c3e-4e32-a477-6aa17d310630","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.3:build_230228:*:*:*:*:*:*","matchCriteriaId":"CABD8DE6-9904-499D-919F-9DBD42BE6762"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.4:build_230424:*:*:*:*:*:*","matchCriteriaId":"254031B5-7CC7-4B9D-970B-FAA6EBC3EAFD"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.5:build_230717:*:*:*:*:*:*","matchCriteriaId":"9D61B481-8262-44D4-9A1D-9967AB1805DC"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.7:build_230920:*:*:*:*:*:*","matchCriteriaId":"50D2F368-F8C8-41E1-9360-8CDF9F89E566"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.9:build_231019:*:*:*:*:*:*","matchCriteriaId":"EF80958C-4274-4DEA-9730-176E3E6F21F2"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.11:build_231115:*:*:*:*:*:*","matchCriteriaId":"7AA1B7FA-D418-46B2-A530-BF67E550E38F"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.13:build_240327:*:*:*:*:*:*","matchCriteriaId":"DC4382B5-C7EC-4B98-AF28-8D08D0771133"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.14:build_240513:*:*:*:*:*:*","matchCriteriaId":"1FCE1F5E-E84B-4CF4-B8A4-7A3448A0D127"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.3.15:build_240715:*:*:*:*:*:*","matchCriteriaId":"C05AC5C2-5BB7-499A-AE2B-414103317D47"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.4.1:build_241212:*:*:*:*:*:*","matchCriteriaId":"C1ED28D6-9441-440A-81D8-EB539D50BB56"},{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.4.2:build_250313:*:*:*:*:*:*","matchCriteriaId":"51E28752-8B46-48CD-86B5-437449AED7C0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tapo_c200:3:*:*:*:*:*:*:*","matchCriteriaId":"101FA54E-1A3D-4A38-BBD0-8DAFAC414EA3"}]}]}],"references":[{"url":"https://www.tp-link.com/en/support/download/tapo-c200/v3/#Firmware-Release-Notes","source":"f23511db-6c3e-4e32-a477-6aa17d310630","tags":["Release Notes"]},{"url":"https://www.tp-link.com/us/support/download/tapo-c200/v3/#Firmware-Release-Notes","source":"f23511db-6c3e-4e32-a477-6aa17d310630","tags":["Release Notes"]},{"url":"https://www.tp-link.com/us/support/faq/5143/","source":"f23511db-6c3e-4e32-a477-6aa17d310630","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-49979","sourceIdentifier":"security-advisories@github.com","published":"2026-06-24T22:16:47.250","lastModified":"2026-06-29T16:06:39.420","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accepts attacker-controlled smtpHost and smtpPort values and establishes a raw JavaMail TCP connection without any IP validation. This completely bypasses WebClientUtils.IP_CHECK_FILTER, which only applies to Spring WebClient HTTP requests. Additionally, the raw MailException.getMessage() is returned verbatim in the API error response, enabling error-based internal port scanning and service banner enumeration. This vulnerability is fixed in 1.99."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"appsmithorg","product":"appsmith","versions":[{"version":"< 1.99","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T17:51:00.907972Z","id":"CVE-2026-49979","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-209"},{"lang":"en","value":"CWE-918"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:appsmith:appsmith:*:*:*:*:*:*:*:*","versionEndExcluding":"1.99","matchCriteriaId":"DF2CD79F-AE2C-4E6D-9AE2-BBCC3C231A34"}]}]}],"references":[{"url":"https://github.com/appsmithorg/appsmith/security/advisories/GHSA-vvxf-f8q9-86gh","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-55666","sourceIdentifier":"security-advisories@github.com","published":"2026-06-24T22:16:49.393","lastModified":"2026-06-29T16:16:41.693","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13, in apps/meteor/app/apple/server/loginHandler.ts, handleIdentityToken parses a JWT issued by Apple during the OAuth flow. The try block checks for an email parameter. If the JWT does not contain an email address, the application falls back to accepting an arbitrary email value supplied directly in the request. Attackers are able to forge Apple JWTs that do not contain an email address and leverage this vulnerability to carry out account takeover attacks. This vulnerability is fixed in 8.5.1, 8.4.4, 8.3.6, 8.2.6, 8.1.6, 8.0.7, and 7.10.13."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"RocketChat","product":"Rocket.Chat","versions":[{"version":">= 8.5.0-rc.0, < 8.5.1","status":"affected"},{"version":">= 8.4.0-rc.0, < 8.4.4","status":"affected"},{"version":">= 8.3.0-rc.0, < 8.3.6","status":"affected"},{"version":">= 8.2.0-rc.0, < 8.2.6","status":"affected"},{"version":">= 8.1.0-rc.0, < 8.1.6","status":"affected"},{"version":">= 7.11.0-rc.0, < 8.0.7","status":"affected"},{"version":"< 7.10.13","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T03:55:30.444148Z","id":"CVE-2026-55666","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-288"}]}],"references":[{"url":"https://github.com/RocketChat/Rocket.Chat/security/advisories/GHSA-wx3c-76rf-wpwf","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-8659","sourceIdentifier":"cve@rapid7.com","published":"2026-06-25T00:17:47.937","lastModified":"2026-06-29T19:28:03.470","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the api_host or api_port parameters during connection configuration due to insufficient input validation."}],"affected":[{"source":"cve@rapid7.com","affectedData":[{"vendor":"Rapid7","product":"InsightConnect SQLmap Plugin","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"2.0.1","versionType":"custom","status":"affected"},{"version":"2.0.1","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@rapid7.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T12:36:17.255931Z","id":"CVE-2026-8659","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rapid7:insightconnect_sqlmap:*:*:*:*:*:rapid7:*:*","versionEndExcluding":"2.0.1","matchCriteriaId":"8136EF95-0D28-4F24-A3E1-680DBE4364AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://extensions.rapid7.com/extension/sqlmap","source":"cve@rapid7.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-8663","sourceIdentifier":"cve@rapid7.com","published":"2026-06-25T00:17:48.070","lastModified":"2026-06-29T19:26:52.360","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the repo, key, or name parameters due to insufficient input sanitization in shell command construction."}],"affected":[{"source":"cve@rapid7.com","affectedData":[{"vendor":"Rapid7","product":"InsightConnect RPM Plugin","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"1.0.2","versionType":"custom","status":"affected"},{"version":"1.0.2","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@rapid7.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T12:35:55.383114Z","id":"CVE-2026-8663","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rapid7:insightconnect_rpm:*:*:*:*:*:rapid7:*:*","versionEndExcluding":"1.0.2","matchCriteriaId":"F6BEB1C0-CEC8-438C-A81D-26F91D8BC7E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://extensions.rapid7.com/extension/rpm","source":"cve@rapid7.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-8592","sourceIdentifier":"cve@rapid7.com","published":"2026-06-25T02:16:34.990","lastModified":"2026-06-29T19:26:36.020","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline."}],"affected":[{"source":"cve@rapid7.com","affectedData":[{"vendor":"Rapid7","product":"InsightConnect AWK Plugin","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"1.2.2","versionType":"custom","status":"affected"},{"version":"1.2.2","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@rapid7.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T13:35:49.644133Z","id":"CVE-2026-8592","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rapid7:insightconnect_awk:*:*:*:*:*:rapid7:*:*","versionEndExcluding":"1.2.2","matchCriteriaId":"508109DC-2506-410F-BC2C-3AC2B99288D1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://extensions.rapid7.com/extension/awk","source":"cve@rapid7.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-8660","sourceIdentifier":"cve@rapid7.com","published":"2026-06-25T02:16:35.110","lastModified":"2026-06-29T19:26:17.127","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OS Command Injection vulnerability in the ping action of Rapid7 InsightConnect Ping Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host parameter due to insufficient input validation when constructing shell commands."}],"affected":[{"source":"cve@rapid7.com","affectedData":[{"vendor":"Rapid7","product":"InsightConnect Ping Plugin","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"1.0.4","versionType":"custom","status":"affected"},{"version":"1.0.4","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@rapid7.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T12:16:10.212909Z","id":"CVE-2026-8660","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rapid7:insightconnect_ping:*:*:*:*:*:rapid7:*:*","versionEndExcluding":"1.0.4","matchCriteriaId":"7272BA32-7027-4CA9-932E-8137B5A977D1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://extensions.rapid7.com/extension/ping","source":"cve@rapid7.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-8664","sourceIdentifier":"cve@rapid7.com","published":"2026-06-25T02:16:35.227","lastModified":"2026-06-29T19:25:19.177","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OS Command Injection vulnerability in Rapid7 InsightConnect Finger Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the user or host parameters due to insufficient input validation in shell command construction."}],"affected":[{"source":"cve@rapid7.com","affectedData":[{"vendor":"Rapid7","product":"InsightConnect Finger Plugin","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"1.0.3","versionType":"custom","status":"affected"},{"version":"1.0.3","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@rapid7.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T12:16:52.286185Z","id":"CVE-2026-8664","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rapid7:insightconnect_finger:*:*:*:*:*:rapid7:*:*","versionEndExcluding":"1.0.3","matchCriteriaId":"D323ADBE-F320-4F5F-B07A-4F2EB0F32C36"}]}]}],"references":[{"url":"https://extensions.rapid7.com/extension/finger","source":"cve@rapid7.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-8665","sourceIdentifier":"cve@rapid7.com","published":"2026-06-25T02:16:35.340","lastModified":"2026-06-29T19:24:59.563","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to insufficient input sanitization in shell command construction."}],"affected":[{"source":"cve@rapid7.com","affectedData":[{"vendor":"Rapid7","product":"InsightConnect TR Plugin","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"2.0.3","versionType":"custom","status":"affected"},{"version":"2.0.3","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@rapid7.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T12:16:34.328474Z","id":"CVE-2026-8665","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rapid7:insightconnect_translate:*:*:*:*:*:rapid7:*:*","versionEndExcluding":"2.0.3","matchCriteriaId":"E65A86CB-303C-4571-B3B3-CC2F99D1124B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://extensions.rapid7.com/extension/tr","source":"cve@rapid7.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-8666","sourceIdentifier":"cve@rapid7.com","published":"2026-06-25T02:16:35.567","lastModified":"2026-06-29T19:24:23.560","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host, port, max_ttl, count, or time_out request parameters due to insufficient input validation when constructing shell commands."}],"affected":[{"source":"cve@rapid7.com","affectedData":[{"vendor":"Rapid7","product":"InsightConnect Traceroute Plugin","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"1.0.3","versionType":"custom","status":"affected"},{"version":"1.0.3","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@rapid7.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T13:34:21.564743Z","id":"CVE-2026-8666","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rapid7:insightconnect_traceroute:*:*:*:*:*:rapid7:*:*","versionEndExcluding":"1.0.3","matchCriteriaId":"965ADE4D-C563-4BBD-B27A-A9C3F02E75B7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://extensions.rapid7.com/extension/traceroute","source":"cve@rapid7.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-8658","sourceIdentifier":"cve@rapid7.com","published":"2026-06-25T03:16:44.000","lastModified":"2026-06-29T19:23:20.427","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the options or filter parameters due to insufficient input sanitization in shell command construction."}],"affected":[{"source":"cve@rapid7.com","affectedData":[{"vendor":"Rapid7","product":"InsightConnect Tcpdump Plugin","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"2.0.0","versionType":"custom","status":"affected"},{"version":"2.0.0","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@rapid7.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T13:27:26.956019Z","id":"CVE-2026-8658","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rapid7:insightconnect_tcpdump:*:*:*:*:*:rapid7:*:*","versionEndExcluding":"2.0.0","matchCriteriaId":"4D57F49F-1A8F-4391-B769-9332AEC90202"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://extensions.rapid7.com/extension/tcpdump","source":"cve@rapid7.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-8662","sourceIdentifier":"cve@rapid7.com","published":"2026-06-25T03:16:44.113","lastModified":"2026-06-29T19:22:56.753","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Path Traversal vulnerability in the create_archive function of Rapid7 InsightConnect Compression Plugin on Linux allows authenticated attackers to write to unintended file paths via crafted filename input. The impact is limited to file corruption as content cannot be controlled by the attacker."}],"affected":[{"source":"cve@rapid7.com","affectedData":[{"vendor":"Rapid7","product":"InsightConnect Compression Plugin","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"2.0.3","versionType":"custom","status":"affected"},{"version":"2.0.3","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@rapid7.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":0.7,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T13:30:42.837070Z","id":"CVE-2026-8662","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@rapid7.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rapid7:insightconnect_compression:*:*:*:*:*:rapid7:*:*","versionEndExcluding":"2.0.3","matchCriteriaId":"0A39360B-E5CF-452A-AF79-CB2260CCDA1A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://extensions.rapid7.com/extension/compression","source":"cve@rapid7.com","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-12077","sourceIdentifier":"security@wordfence.com","published":"2026-06-25T04:17:55.627","lastModified":"2026-06-29T20:17:32.607","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the via 'latitude' and 'longitude' parameters in all versions up to, and including, 5.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"wedevs","product":"Dokan Pro","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"5.0.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:00:30.312205Z","id":"CVE-2026-12077","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://dokan.co/","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6565e345-3374-43d9-9789-f0d9138dc3e8?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12755","sourceIdentifier":"security@devolutions.net","published":"2026-06-25T14:16:36.333","lastModified":"2026-06-29T15:15:58.117","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper input validation in the PAM AD discovery endpoints in \nDevolutions Server 2026.2.4.0 through 2026.2.7.0 allows an authenticated\n user with the UserGroupsView permission to coerce server-side \nauthentication to an attacker-controlled host, exposing PAM provider \ncredentials as a NTLMv2 challenge-response, via a crafted DomainName \nparameter."}],"affected":[{"source":"security@devolutions.net","affectedData":[{"vendor":"Devolutions","product":"Server","defaultStatus":"unaffected","versions":[{"version":"2026.2.4.0","lessThan":"2026.2.7.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T14:52:17.880696Z","id":"CVE-2026-12755","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@devolutions.net","type":"Secondary","description":[{"lang":"en","value":"CWE-1284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.2.4.0","versionEndExcluding":"2026.2.9.0","matchCriteriaId":"035F9F71-2FA4-430F-8B3F-6B45B92FCF51"}]}]}],"references":[{"url":"https://devolutions.net/security/advisories/DEVO-2026-0020/","source":"security@devolutions.net","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-27366","sourceIdentifier":"audit@patchstack.com","published":"2026-06-25T14:16:36.767","lastModified":"2026-06-29T18:16:37.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Broken Access Control in MainWP Child <= 6.1.1 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"MainWP","product":"MainWP Child","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"mainwp-child","versions":[{"version":"n/a","lessThanOrEqual":"6.1.1","versionType":"custom","status":"affected","changes":[{"at":"6.1.2","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:58:50.371923Z","id":"CVE-2026-27366","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/mainwp-child/vulnerability/wordpress-mainwp-child-plugin-6-1-1-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-54830","sourceIdentifier":"audit@patchstack.com","published":"2026-06-25T14:16:47.370","lastModified":"2026-06-29T18:16:37.803","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Broken Access Control in Five Star Restaurant Reservations <= 2.7.19 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Etoile Web Design Incorporated","product":"Five Star Restaurant Reservations","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"restaurant-reservations","versions":[{"version":"n/a","lessThanOrEqual":"2.7.19","versionType":"custom","status":"affected","changes":[{"at":"2.7.20","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:57:00.833849Z","id":"CVE-2026-54830","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/restaurant-reservations/vulnerability/wordpress-five-star-restaurant-reservations-plugin-2-7-19-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-54844","sourceIdentifier":"audit@patchstack.com","published":"2026-06-25T14:16:48.560","lastModified":"2026-06-29T18:16:38.010","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Broken Access Control in CheckView Automated Testing <= 2.1.0 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"CheckView","product":"CheckView Automated Testing","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"checkview","versions":[{"version":"n/a","lessThanOrEqual":"2.1.0","versionType":"custom","status":"affected","changes":[{"at":"2.2.0","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:55:17.956024Z","id":"CVE-2026-54844","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/checkview/vulnerability/wordpress-checkview-automated-testing-plugin-2-1-0-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56013","sourceIdentifier":"audit@patchstack.com","published":"2026-06-25T14:16:50.210","lastModified":"2026-06-29T18:16:38.107","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Insecure Direct Object References (IDOR) in License Manager for WooCommerce <= 3.0.15 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"myCred","product":"License Manager for WooCommerce","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"license-manager-for-woocommerce","versions":[{"version":"n/a","lessThanOrEqual":"3.0.15","versionType":"custom","status":"affected","changes":[{"at":"3.0.16","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T18:00:37.169216Z","id":"CVE-2026-56013","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/license-manager-for-woocommerce/vulnerability/wordpress-license-manager-for-woocommerce-plugin-3-0-15-insecure-direct-object-references-idor-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56051","sourceIdentifier":"audit@patchstack.com","published":"2026-06-25T14:16:51.030","lastModified":"2026-06-29T18:16:38.310","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"TablePress","product":"TablePress","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"tablepress","versions":[{"version":"n/a","lessThanOrEqual":"3.3.1","versionType":"custom","status":"affected","changes":[{"at":"3.3.2","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:41:59.133514Z","id":"CVE-2026-56051","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/tablepress/vulnerability/wordpress-tablepress-plugin-3-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-54024","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T17:16:40.153","lastModified":"2026-06-29T16:03:35.167","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2024-11171 (commit bb58a2d0) added limits: { fileSize } to createMulterInstance() in the file upload routes. However, the POST /api/convos/import endpoint uses a separate multer instance that was never updated with the same limits configuration. Combined with the application-level size check being disabled by default (the CONVERSATION_IMPORT_MAX_FILE_SIZE_BYTES env var is commented out in .env.example), an authenticated user can upload arbitrarily large files to exhaust server disk space and memory. This vulnerability is fixed in 0.8.4-rc1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"danny-avila","product":"LibreChat","versions":[{"version":"< 0.8.4-rc1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T17:53:03.064873Z","id":"CVE-2026-54024","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:librechat:librechat:*:*:*:*:*:*:*:*","versionEndIncluding":"0.8.3","matchCriteriaId":"77B80F25-E7C2-442E-98E3-F4462C40C74F"}]}]}],"references":[{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-52f6-fqwv-jccf","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-52f6-fqwv-jccf","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54025","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T17:16:40.277","lastModified":"2026-06-29T16:02:49.673","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, there is a vulnerability in LibreChat's markdown artifact preview pipeline. The marked library v15.0.12 does not HTML-escape double-quote characters in image alt text when a custom renderer falls through to the default renderer. LibreChat's generateMarkdownHtml function (in client/src/utils/markdown.ts) installs a custom image renderer that returns false for URLs passing the isSafeUrl allowlist check, which causes marked to fall back to its built-in renderer. That built-in renderer inserts the raw alt text into the alt=\"...\" attribute without escaping double-quote characters. An attacker can craft an alt text such as \" onload=\"payload to break out of the attribute and inject an arbitrary event handler. The resulting HTML is then assigned to document.getElementById('content').innerHTML inside the Sandpack preview iframe, causing the payload to execute in the victim's browser. This vulnerability is fixed in 0.8.4-rc1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"danny-avila","product":"LibreChat","versions":[{"version":"< 0.8.4-rc1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T18:02:07.544932Z","id":"CVE-2026-54025","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:librechat:librechat:*:*:*:*:*:*:*:*","versionEndIncluding":"0.7.8","matchCriteriaId":"98E22E73-154F-48CC-925E-61293CD7CDAB"}]}]}],"references":[{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-3phr-62qf-cxf3","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-3phr-62qf-cxf3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54029","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T17:16:40.537","lastModified":"2026-06-29T15:36:16.373","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete any other user's messages. The validateMessageReq middleware only validates that the conversationId belongs to the requesting user, but the handler calls deleteMessages({ messageId }) using only the messageId as the MongoDB filter — without adding a user constraint. An attacker provides their own valid conversationId (to pass validation) and the victim's messageId (to target deletion), resulting in permanent, irrecoverable message deletion. This vulnerability is fixed in 0.8.4-rc1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"danny-avila","product":"LibreChat","versions":[{"version":"< 0.8.4-rc1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T17:50:49.675297Z","id":"CVE-2026-54029","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:librechat:librechat:*:*:*:*:*:*:*:*","versionEndIncluding":"0.8.3","matchCriteriaId":"77B80F25-E7C2-442E-98E3-F4462C40C74F"}]}]}],"references":[{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-8892-xj8q-59xc","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54033","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T17:16:40.783","lastModified":"2026-06-29T15:39:10.833","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation — no private IP check, no scheme restriction, no DNS pinning. An authenticated user can set baseURL to internal network addresses. This vulnerability is fixed in 0.8.4-rc1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"danny-avila","product":"LibreChat","versions":[{"version":"< 0.8.4-rc1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T17:43:53.379264Z","id":"CVE-2026-54033","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:librechat:librechat:*:*:*:*:*:*:*:*","versionEndIncluding":"0.8.3","matchCriteriaId":"77B80F25-E7C2-442E-98E3-F4462C40C74F"}]}]}],"references":[{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-gc9r-88c3-7qhq","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-gc9r-88c3-7qhq","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54037","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T17:16:41.000","lastModified":"2026-06-29T15:54:55.790","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2025-7105 added forkIpLimiter and forkUserLimiter rate limiters to POST /api/convos/fork to prevent rapid-fire conversation duplication. However, the POST /api/convos/duplicate endpoint — which is in the same file and performs the exact same expensive database operations — was not given any rate limiter. An authenticated user can bypass the CVE-2025-7105 fix by using /duplicate instead of /fork to exhaust server resources. This vulnerability is fixed in 0.8.4-rc1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"danny-avila","product":"LibreChat","versions":[{"version":"< 0.8.4-rc1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T18:18:00.563402Z","id":"CVE-2026-54037","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:librechat:librechat:*:*:*:*:*:*:*:*","versionEndIncluding":"0.8.3","matchCriteriaId":"77B80F25-E7C2-442E-98E3-F4462C40C74F"}]}]}],"references":[{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-g445-9wq6-jf3v","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54040","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T17:16:41.123","lastModified":"2026-06-29T16:00:14.880","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/auth/2fa/backup/regenerate endpoint regenerates all 2FA backup codes without requiring any TOTP token or existing backup code verification. An attacker with a stolen session token can silently replace a victim's backup codes and use them to bypass 2FA login or disable 2FA entirely. This vulnerability is fixed in 0.8.4-rc1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"danny-avila","product":"LibreChat","versions":[{"version":"< 0.8.4-rc1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T18:12:54.587144Z","id":"CVE-2026-54040","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:librechat:librechat:*:*:*:*:*:*:*:*","versionEndIncluding":"0.8.3","matchCriteriaId":"77B80F25-E7C2-442E-98E3-F4462C40C74F"}]}]}],"references":[{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-h59w-x9h4-m6gv","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/danny-avila/LibreChat/security/advisories/GHSA-h59w-x9h4-m6gv","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48995","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T18:16:38.687","lastModified":"2026-06-29T20:30:18.520","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pnpm is a package manager. Prior to 10.33.4 and 11.0.7, a malicious codeload.github.com server can serve whatever tarball it wants and pnpm will install it regardless of the lockfile. The lockfile does not store the hash of the dependencies from https://codeload.github.com. This means that if this server was compromised or a person's machine configuration was compromised, pnpm would download and install these dependencies. This vulnerability is fixed in 10.33.4 and 11.0.7."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pnpm","product":"pnpm","versions":[{"version":"< 10.33.4","status":"affected"},{"version":">= 11.0.0, < 11.0.7","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T02:11:29.692324Z","id":"CVE-2026-48995","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-353"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionEndExcluding":"10.33.4","matchCriteriaId":"FB0786F0-E5A6-4E59-91DE-038E28B3CAD9"},{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.0.7","matchCriteriaId":"F8DC2C1F-DDDC-432F-AFF5-C3FFB1FDC664"}]}]}],"references":[{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-hg3w-7f8c-63hp","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-hg3w-7f8c-63hp","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50014","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T18:16:39.043","lastModified":"2026-06-29T21:14:58.763","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm passes the lockfile-controlled git resolution.commit value to git fetch without a -- separator or commit-format validation. For git dependencies fetched through the shallow-fetch path, a malicious lockfile can replace the expected 40-character commit hash with a Git option such as --upload-pack=<command>. For SSH and local transports, --upload-pack can execute the supplied command. HTTPS transports ignore --upload-pack, so the practical attack surface is primarily SSH or local git dependencies. This vulnerability is fixed in 10.34.0 and 11.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pnpm","product":"pnpm","versions":[{"version":"< 10.33.4","status":"affected"},{"version":">= 11.0.0, < 11.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T00:00:00+00:00","id":"CVE-2026-50014","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionEndExcluding":"10.34.0","matchCriteriaId":"F41CB711-4C82-4DEA-BC04-6DFB489B0158"},{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.4.0","matchCriteriaId":"7D7BF63F-E778-4B19-8290-D8D69305361D"}]}]}],"references":[{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-p4xf-rf54-rj3x","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-p4xf-rf54-rj3x","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50015","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T18:16:39.167","lastModified":"2026-06-29T21:15:11.907","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's patch application pipeline (@pnpm/patch-package) performs no path validation on file paths extracted from .patch files. An attacker who contributes a malicious patch file via a pull request can write attacker-controlled content to or delete arbitrary files on the filesystem during pnpm install, as the user running the install. The diff --git header paths containing ../../ sequences traverse out of the package directory, and the traversal is difficult to catch in code review because patch file diff headers are opaque to most reviewers. This vulnerability is fixed in 10.34.0 and 11.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pnpm","product":"pnpm","versions":[{"version":"< 10.33.4","status":"affected"},{"version":">= 11.0.0, < 11.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T17:59:13.012393Z","id":"CVE-2026-50015","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionEndExcluding":"10.34.0","matchCriteriaId":"F41CB711-4C82-4DEA-BC04-6DFB489B0158"},{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.4.0","matchCriteriaId":"7D7BF63F-E778-4B19-8290-D8D69305361D"}]}]}],"references":[{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-rxhj-4m44-96r4","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-rxhj-4m44-96r4","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50021","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T18:16:39.557","lastModified":"2026-06-29T21:15:33.397","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's tarball extraction worker skips integrity verification when the integrity field is absent from the lockfile resolution. If an attacker can both modify pnpm-lock.yaml to remove the integrity: field and cause the referenced registry URL to serve altered package content, pnpm install --frozen-lockfile can install the altered package without an integrity error. npm's npm ci enforces integrity by default; pnpm's behavior of silently skipping verification is a pnpm-specific fail-open gap. This vulnerability is fixed in 10.34.0 and 11.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pnpm","product":"pnpm","versions":[{"version":"< 10.34.0","status":"affected"},{"version":">= 11.0.0, < 11.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T00:00:00+00:00","id":"CVE-2026-50021","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-354"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionEndExcluding":"10.34.0","matchCriteriaId":"F41CB711-4C82-4DEA-BC04-6DFB489B0158"},{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.4.0","matchCriteriaId":"7D7BF63F-E778-4B19-8290-D8D69305361D"}]}]}],"references":[{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-q6j5-fjx5-2mc3","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-q6j5-fjx5-2mc3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50573","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T18:16:39.687","lastModified":"2026-06-29T21:15:58.043","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pnpm is a package manager. Prior to 10.34.0 and 11.4.0, `pnpm install` in non-frozen mode can accept new remote package content after detecting that the downloaded tarball does not match the integrity recorded in pnpm-lock.yaml. When a package is already locked with an integrity value, and the registry later serves different metadata and tarball content for the same package name and version, pnpm initially reports an integrity mismatch. However, plain pnpm install then performs a resolution repair, accepts the registry's new integrity, updates the lockfile, installs the new content, and exits successfully. This means the lockfile integrity check does not act as a hard stop by default. This vulnerability is fixed in 10.34.0 and 11.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pnpm","product":"pnpm","versions":[{"version":"< 10.33.4","status":"affected"},{"version":">= 11.0.0, < 11.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T00:00:00+00:00","id":"CVE-2026-50573","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionEndExcluding":"10.34.0","matchCriteriaId":"F41CB711-4C82-4DEA-BC04-6DFB489B0158"},{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.4.0","matchCriteriaId":"7D7BF63F-E778-4B19-8290-D8D69305361D"}]}]}],"references":[{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-54hh-g5mx-jqcp","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-54hh-g5mx-jqcp","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55180","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T18:16:40.327","lastModified":"2026-06-29T21:16:13.053","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm and pacquet expanded ${ENV_VAR} placeholders from repository-controlled .npmrc and pnpm-workspace.yaml into registry request destinations and registry credentials. A malicious repository could cause dependency resolution to send victim environment secrets to an attacker-selected registry before lifecycle scripts run. This vulnerability is fixed in 10.34.2 and 11.5.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pnpm","product":"pnpm","versions":[{"version":"< 10.34.2","status":"affected"},{"version":">= 11.0.0, < 11.5.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T17:58:14.420758Z","id":"CVE-2026-55180","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-201"},{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionEndExcluding":"10.34.2","matchCriteriaId":"78477B45-9B80-4320-A5F4-2AF8D030DA04"},{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.5.3","matchCriteriaId":"F72C2733-EDFC-4CBF-8B11-7C636ABEBC1A"}]}]}],"references":[{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-3qhv-2rgh-x77r","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-3qhv-2rgh-x77r","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55487","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T18:16:40.460","lastModified":"2026-06-29T21:16:26.670","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pnpm is a package manager. Prior to 10.34.2 and 11.5.3, the generic peer-suffix normalizer also stripped parenthesized text from git, URL, tarball, file, and other opaque locators. Approval for one source string could therefore authorize a different attacker-controlled source whose locator normalized to the same value. This vulnerability is fixed in 10.34.2 and 11.5.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pnpm","product":"pnpm","versions":[{"version":"< 10.34.2","status":"affected"},{"version":">= 11.0.0, < 11.5.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T18:02:49.413766Z","id":"CVE-2026-55487","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"},{"lang":"en","value":"CWE-693"},{"lang":"en","value":"CWE-829"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionEndExcluding":"10.34.2","matchCriteriaId":"78477B45-9B80-4320-A5F4-2AF8D030DA04"},{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.5.3","matchCriteriaId":"F72C2733-EDFC-4CBF-8B11-7C636ABEBC1A"}]}]}],"references":[{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-5wx6-mg75-v57r","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-5wx6-mg75-v57r","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55699","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T18:16:40.960","lastModified":"2026-06-29T21:16:36.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pnpm is a package manager. Prior to 10.34.2 and 11.5.3, Manifest bin object keys such as \"\", \".\", and \"..\" passed pnpm's bin-name guard. When a malicious package was installed globally, later global remove, update, or add-replacement flows could re-derive those names from the installed manifest and pass path.join(globalBinDir, binName) to removeBin. For \".\" this targets the global bin directory; for \"..\" this targets its parent. This vulnerability is fixed in 10.34.2 and 11.5.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pnpm","product":"pnpm","versions":[{"version":"< 10.34.2","status":"affected"},{"version":">= 11.0.0, < 11.5.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T17:54:13.594963Z","id":"CVE-2026-55699","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-73"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionEndExcluding":"10.34.2","matchCriteriaId":"78477B45-9B80-4320-A5F4-2AF8D030DA04"},{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.5.3","matchCriteriaId":"F72C2733-EDFC-4CBF-8B11-7C636ABEBC1A"}]}]}],"references":[{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-4gxm-v5v7-fqc4","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-4gxm-v5v7-fqc4","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55700","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T18:16:41.087","lastModified":"2026-06-29T21:16:55.820","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm stage download` derived a local filename from registry-controlled package name and version fields. A crafted manifest could escape the selected download directory and overwrite another reachable file. The merged fix validates both fields, derives one safe filename, and verifies the final destination before writing. This vulnerability is fixed in 11.5.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pnpm","product":"pnpm","versions":[{"version":">= 11.3.0, < 11.5.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T18:16:18.487487Z","id":"CVE-2026-55700","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-73"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*","versionStartIncluding":"11.3.0","versionEndExcluding":"11.5.3","matchCriteriaId":"378F55B5-CC3E-4D35-88A9-DFACEB1BF606"}]}]}],"references":[{"url":"https://github.com/pnpm/pnpm/pull/12303","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/pnpm/pnpm/security/advisories/GHSA-v23m-ccfg-pq9h","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54917","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T19:16:42.230","lastModified":"2026-06-29T21:21:10.757","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SeaweedFS is a distributed storage system for object storage (S3), file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter().SkipClean(true). With path cleaning disabled, a .. segment inside the URL survives routing, so a request such as `GET /bucket-A/../evil-bucket/key`, is matched as bucket=bucket-A, object=../evil-bucket/key. The captured object key is then joined into a filer path with util.JoinPath (S3) / path.Join (Iceberg), which collapse the .. server-side, so the actual read or write lands in evil-bucket. This vulnerability is fixed in 4.30."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"seaweedfs","product":"seaweedfs","versions":[{"version":"< 4.30","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T19:04:26.709044Z","id":"CVE-2026-54917","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:seaweedfs:seaweedfs:*:*:*:*:*:*:*:*","versionEndExcluding":"4.30","matchCriteriaId":"703580BC-7917-44BD-9CC5-F3F019010301"}]}]}],"references":[{"url":"https://github.com/seaweedfs/seaweedfs/pull/9687","source":"security-advisories@github.com","tags":["Issue Tracking","Mitigation"]},{"url":"https://github.com/seaweedfs/seaweedfs/security/advisories/GHSA-w62w-66v9-vvgv","source":"security-advisories@github.com","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://github.com/seaweedfs/seaweedfs/security/advisories/GHSA-w62w-66v9-vvgv","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57700","sourceIdentifier":"audit@patchstack.com","published":"2026-06-25T19:16:45.973","lastModified":"2026-06-29T18:16:39.083","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files.\n\nThis issue affects OMGF Pro: from n/a through 5.2.6."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Daan.dev","product":"OMGF Pro","defaultStatus":"unaffected","versions":[{"version":"n/a","lessThanOrEqual":"5.2.6","versionType":"custom","status":"affected","changes":[{"at":"5.2.7","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:43:31.794854Z","id":"CVE-2026-57700","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/host-google-fonts-pro/vulnerability/wordpress-omgf-pro-plugin-5-2-6-arbitrary-file-upload-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2025-71327","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-25T22:16:58.740","lastModified":"2026-06-29T18:44:34.753","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account/register endpoint that allows unauthenticated attackers to create user accounts. Remote attackers can exploit this endpoint to register arbitrary accounts and authenticate to the system, gaining full API access without credentials."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Flowise","product":"Flowise","defaultStatus":"unaffected","packageURL":"pkg:npm/flowise","versions":[{"version":"3.0.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T12:46:18.399148Z","id":"CVE-2025-71327","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:flowiseai:flowise:3.0.1:*:*:*:*:*:*:*","matchCriteriaId":"50E05577-E358-472D-9273-3EA9DEDEC2D0"}]}]}],"references":[{"url":"https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-v5w9-prxf-w882","source":"disclosure@vulncheck.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/flowise-authentication-bypass-via-unprotected-registration-endpoint","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]},{"url":"https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-v5w9-prxf-w882","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-71328","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-25T22:16:58.877","lastModified":"2026-06-29T18:46:58.507","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through the account settings (Security) section without supplying the current password or any additional verification, as the application does not enforce a current-password check on the credential change. This can lead to full account takeover, particularly if an attacker can hijack or coerce an authenticated session."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Flowise","product":"Flowise","defaultStatus":"unaffected","packageURL":"pkg:npm/flowise-ui","versions":[{"version":"0","lessThan":"3.0.10","versionType":"semver","status":"affected"},{"version":"3.0.10","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T13:43:32.439194Z","id":"CVE-2025-71328","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-620"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:flowiseai:flowise:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.10","matchCriteriaId":"CDE9C759-A6B9-490A-B671-48A54B09D014"}]}]}],"references":[{"url":"https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-fjh6-8679-9pch","source":"disclosure@vulncheck.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/flowise-unverified-password-change-via-account-settings","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]},{"url":"https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-fjh6-8679-9pch","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40080","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T23:17:02.623","lastModified":"2026-06-29T18:52:43.557","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect through a substring check rather than a host check at str_contains($referer, CACTI_PATH_URL). When the user's login_opts == '1' (redirect to referer after login), the function used $_SERVER['HTTP_REFERER'] directly.  An attacker could craft a referer such as https://evil.com/cacti/. Where CACTI_PATH_URL is /cacti/, the substring matches and the user is redirected to evil.com after login. The pre-existing validate_redirect_url() helper at lib/html_utility.php performed proper validation but was not invoked from auth_login_redirect(). This issue has been fixed in version 1.2.31."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Cacti","product":"cacti","versions":[{"version":"< 1.2.31","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T14:08:58.081501Z","id":"CVE-2026-40080","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.31","matchCriteriaId":"5406B2E1-D53C-45AC-8F93-CFCAEDC1B5F8"}]}]}],"references":[{"url":"https://github.com/Cacti/cacti/releases/tag/release%2F1.2.31","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/Cacti/cacti/security/advisories/GHSA-6gr7-53g8-vchq","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/Cacti/cacti/security/advisories/GHSA-6gr7-53g8-vchq","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40082","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T23:17:02.760","lastModified":"2026-06-29T18:50:31.970","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing session_regenerate_id() after login, leading to Session Fixation. session_regenerate_id() is NOT called after successful login. The login flow at auth_login.php:203-207 directly sets $_SESSION[SESS_USER_ID] without rotating the session ID. The session cookie configuration is otherwise good (httponly=true, samesite=Strict, secure=true for HTTPS at include/global.php:513-537), but these do not prevent session fixation via same-site vectors. This issue has been fixed in version 1.2.31."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Cacti","product":"cacti","versions":[{"version":"< 1.2.31","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T17:50:35.387627Z","id":"CVE-2026-40082","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-384"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.31","matchCriteriaId":"5406B2E1-D53C-45AC-8F93-CFCAEDC1B5F8"}]}]}],"references":[{"url":"https://github.com/Cacti/cacti/commit/2fa404e70a5702be10682555911228e8e51ba198","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/Cacti/cacti/releases/tag/release%2F1.2.31","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/Cacti/cacti/security/advisories/GHSA-273r-qr93-wgcp","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40084","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T23:17:03.030","lastModified":"2026-06-29T18:48:17.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal  through the Report format_file Parameter, causing arbitrary file read. This vulnerability occurs in two stages. In the first stage (stored injection), lib/html_reports.php at line 283 stores $save['format_file'] =  $post['format_file'] directly into the database without any validation. In the second stage (file read), lib/reports.php at line 667 concatenates  CACTI_PATH_FORMATS . '/' . $format_file, and line 670 then calls file($format_file), reading arbitrary files from the filesystem. This issue has been fixed in version 1.2.31."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Cacti","product":"cacti","versions":[{"version":"< 1.2.31","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T12:44:34.528149Z","id":"CVE-2026-40084","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.31","matchCriteriaId":"5406B2E1-D53C-45AC-8F93-CFCAEDC1B5F8"}]}]}],"references":[{"url":"https://github.com/Cacti/cacti/commit/4c09efaebf3a9faec66969d0b5c4aceaf397f37f","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/Cacti/cacti/security/advisories/GHSA-mjvw-mhj5-9jcj","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/Cacti/cacti/security/advisories/GHSA-mjvw-mhj5-9jcj","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40941","sourceIdentifier":"security-advisories@github.com","published":"2026-06-25T23:17:03.170","lastModified":"2026-06-29T18:47:08.937","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue has been fixed in version 1.2.31."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Cacti","product":"cacti","versions":[{"version":"< 1.2.31","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T14:56:48.504785Z","id":"CVE-2026-40941","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-347"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.31","matchCriteriaId":"5406B2E1-D53C-45AC-8F93-CFCAEDC1B5F8"}]}]}],"references":[{"url":"https://github.com/Cacti/cacti/pull/7054","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/Cacti/cacti/releases/tag/release%2F1.2.31","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/Cacti/cacti/security/advisories/GHSA-274c-97hj-pv2v","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48934","sourceIdentifier":"support@hackerone.com","published":"2026-06-26T02:16:52.950","lastModified":"2026-06-29T14:16:54.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation.\r\n\r\nThis vulnerability affects all supported release lines: **Node.js 22**, **Node.js 24**, and **Node.js 26**."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"nodejs","product":"node","defaultStatus":"unaffected","versions":[{"version":"22.22.3","lessThanOrEqual":"22.22.3","versionType":"semver","status":"affected"},{"version":"24.16.0","lessThanOrEqual":"24.16.0","versionType":"semver","status":"affected"},{"version":"26.3.0","lessThanOrEqual":"26.3.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T13:35:45.737892Z","id":"CVE-2026-48934","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:22.22.3:*:*:*:-:*:*:*","matchCriteriaId":"3C0C5080-5F99-4651-9855-2DE03C9070C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:24.16.0:*:*:*:-:*:*:*","matchCriteriaId":"3B912C84-1AA5-4D74-AB1A-64162C80A33B"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:26.3.0:*:*:*:-:*:*:*","matchCriteriaId":"8152ACE6-3CAF-4CA0-8B19-D4753811EB44"}]}]}],"references":[{"url":"https://nodejs.org/en/blog/vulnerability/june-2026-security-releases","source":"support@hackerone.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50739","sourceIdentifier":"support@hackerone.com","published":"2026-06-26T02:16:53.407","lastModified":"2026-06-29T20:22:51.867","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A bypass for CVE‑2026‑34913 exists with proper ownership validation that had not been applied to the reverse operation of linking campaigns and trackers through the `tracker-campaigns.php` script in Revive Adserver 6.0.7 and earlier. As a result, a low‑privileged user could link their trackers to campaigns owned by other managers on the same instance, leading to inconsistent ownership relationships."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Revive","product":"Adserver","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.0.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T12:28:20.731460Z","id":"CVE-2026-50739","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0.8","matchCriteriaId":"FD0ED938-344E-44B5-B3A6-793B968229B0"}]}]}],"references":[{"url":"https://hackerone.com/reports/3780709","source":"support@hackerone.com","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50741","sourceIdentifier":"support@hackerone.com","published":"2026-06-26T02:16:53.627","lastModified":"2026-06-29T20:21:29.673","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Bypass to the fix for CVE-2026-34916. Variants of such vectors have been also reported by phucrio and offsetmd. The fix can be bypassed either by sending a disallowed but otherwise valid plugin identifier as `type`, or using the `ox.setChannelTargeting` XML-RPC API method."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Revive","product":"Adserver","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.0.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T12:27:34.466991Z","id":"CVE-2026-50741","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0.8","matchCriteriaId":"FD0ED938-344E-44B5-B3A6-793B968229B0"}]}]}],"references":[{"url":"https://hackerone.com/reports/3780854","source":"support@hackerone.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3781492","source":"support@hackerone.com","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50742","sourceIdentifier":"support@hackerone.com","published":"2026-06-26T02:16:53.740","lastModified":"2026-06-29T20:20:29.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A stored XSS vulnerabilities exists in the `maintenance-acl-check.php` and `maintenance-banners-check.php` tools of Revive Adserver 6.0.7. The issue was caused by entity names being displayed without proper escaping when inconsistencies were detected. Whether the XSS payload is executed when an administrator uses the affected maintenance tools is not entirely under the attacker's control."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Revive","product":"Adserver","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.0.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T12:25:20.510870Z","id":"CVE-2026-50742","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0.8","matchCriteriaId":"FD0ED938-344E-44B5-B3A6-793B968229B0"}]}]}],"references":[{"url":"https://hackerone.com/reports/3781311","source":"support@hackerone.com","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50744","sourceIdentifier":"support@hackerone.com","published":"2026-06-26T02:16:53.847","lastModified":"2026-06-29T20:19:26.377","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A bypass to the admin‑only restriction of the XML‑RPC API in Revive Adserver 6.0.7. The API response for the ox.login method returned a session ID cookie in the HTTP headers, and although the method correctly returned an error, the associated session was not invalidated. As a result, the leaked session ID could be used to perform subsequent API calls without restrictions."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Revive","product":"Adserver","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.0.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T12:29:37.917590Z","id":"CVE-2026-50744","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0.8","matchCriteriaId":"FD0ED938-344E-44B5-B3A6-793B968229B0"}]}]}],"references":[{"url":"https://hackerone.com/reports/3783738","source":"support@hackerone.com","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50745","sourceIdentifier":"support@hackerone.com","published":"2026-06-26T02:16:53.953","lastModified":"2026-06-29T20:17:24.237","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A missing sanitisation vulnerability exists with user input in the stats-video.php script. The way URLs to this script were constructed did not follow best practices, and the output of the Smarty custom helper function url was neither properly encoded nor sanitised, allowing user‑supplied input to be reflected without escaping."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Revive","product":"Adserver","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.0.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T12:29:06.205421Z","id":"CVE-2026-50745","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0.8","matchCriteriaId":"FD0ED938-344E-44B5-B3A6-793B968229B0"}]}]}],"references":[{"url":"https://hackerone.com/reports/3793243","source":"support@hackerone.com","tags":["Issue Tracking"]}]}},{"cve":{"id":"CVE-2025-64637","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:35.113","lastModified":"2026-06-29T16:16:35.113","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Content Injection in Auros Core <= 5.3.1 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Opal_WP","product":"Auros Core","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"auros-core","versions":[{"version":"n/a","lessThanOrEqual":"5.3.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T16:07:20.490581Z","id":"CVE-2025-64637","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-80"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/auros-core/vulnerability/wordpress-auros-core-plugin-5-3-1-content-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2025-68075","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:35.860","lastModified":"2026-06-29T16:16:35.227","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Kerry","product":"BNE Testimonials","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"bne-testimonials","versions":[{"version":"n/a","lessThanOrEqual":"2.0.8","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T16:02:31.654215Z","id":"CVE-2025-68075","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/bne-testimonials/vulnerability/wordpress-bne-testimonials-plugin-2-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-3472","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-06-26T15:16:38.770","lastModified":"2026-06-29T19:27:20.823","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-controlled server via injecting markdown image syntax into tool result content rendered by a victim's client.. Mattermost Advisory ID: MMSA-2026-00619"}],"affected":[{"source":"responsibledisclosure@mattermost.com","affectedData":[{"vendor":"Mattermost","product":"Mattermost","defaultStatus":"unaffected","versions":[{"version":"10.11.0","lessThanOrEqual":"10.11.18","versionType":"semver","status":"affected"},{"version":"11.6.0","lessThanOrEqual":"11.6.3","versionType":"semver","status":"affected"},{"version":"11.5.0","lessThanOrEqual":"11.5.6","versionType":"semver","status":"affected"},{"version":"11.7.0","status":"unaffected"},{"version":"10.11.19","status":"unaffected"},{"version":"11.6.4","status":"unaffected"},{"version":"11.5.7","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T15:41:02.864491Z","id":"CVE-2026-3472","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-693"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"10.11.0","versionEndExcluding":"10.11.19","matchCriteriaId":"E5D17833-ABB6-4B7C-9A92-67C12D81F03D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.0","versionEndExcluding":"11.5.7","matchCriteriaId":"38954F04-A9D8-47B1-83B8-8D2FE24590F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.0","versionEndExcluding":"11.6.4","matchCriteriaId":"F39BD857-E72D-4C8A-8054-2C2019FA86FB"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-4339","sourceIdentifier":"responsibledisclosure@mattermost.com","published":"2026-06-26T15:16:39.600","lastModified":"2026-06-29T19:26:34.283","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to validate attachment URLs against internal or private IP ranges in the Mattermost Agents plugin MCP server which allows an attacker with access to the MCP server in stdio mode to perform server-side request forgery (SSRF) and exfiltrate data from internal network services via supplying internal URLs as file attachments in post creation requests.. Mattermost Advisory ID: MMSA-2026-00635"}],"affected":[{"source":"responsibledisclosure@mattermost.com","affectedData":[{"vendor":"Mattermost","product":"Mattermost","defaultStatus":"unaffected","versions":[{"version":"10.11.0","lessThanOrEqual":"10.11.18","versionType":"semver","status":"affected"},{"version":"11.6.0","lessThanOrEqual":"11.6.3","versionType":"semver","status":"affected"},{"version":"11.5.0","lessThanOrEqual":"11.5.6","versionType":"semver","status":"affected"},{"version":"11.7.0","status":"unaffected"},{"version":"10.11.19","status":"unaffected"},{"version":"11.6.4","status":"unaffected"},{"version":"11.5.7","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.0,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T15:40:26.600436Z","id":"CVE-2026-4339","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"responsibledisclosure@mattermost.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"10.11.0","versionEndExcluding":"10.11.19","matchCriteriaId":"E5D17833-ABB6-4B7C-9A92-67C12D81F03D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.5.0","versionEndExcluding":"11.5.7","matchCriteriaId":"38954F04-A9D8-47B1-83B8-8D2FE24590F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*","versionStartIncluding":"11.6.0","versionEndExcluding":"11.6.4","matchCriteriaId":"F39BD857-E72D-4C8A-8054-2C2019FA86FB"}]}]}],"references":[{"url":"https://mattermost.com/security-updates","source":"responsibledisclosure@mattermost.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54826","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:40.350","lastModified":"2026-06-29T18:16:37.700","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Subscriber Insecure Direct Object References (IDOR) in SupportCandy <= 3.4.6 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"PSM Plugins","product":"SupportCandy","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"supportcandy","versions":[{"version":"n/a","lessThanOrEqual":"3.4.6","versionType":"custom","status":"affected","changes":[{"at":"3.4.7","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:37:47.483229Z","id":"CVE-2026-54826","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/supportcandy/vulnerability/wordpress-supportcandy-plugin-3-4-6-insecure-direct-object-references-idor-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-54835","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:41.093","lastModified":"2026-06-29T18:16:37.903","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Rustaurius","product":"Five Star Restaurant Menu","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"food-and-drink-menu","versions":[{"version":"n/a","lessThanOrEqual":"2.5.2","versionType":"custom","status":"affected","changes":[{"at":"2.5.3","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:40:53.192771Z","id":"CVE-2026-54835","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/food-and-drink-menu/vulnerability/wordpress-five-star-restaurant-menu-plugin-2-5-2-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56008","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:41.927","lastModified":"2026-06-29T16:16:41.930","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"ThemeFusion","product":"Fusion Builder","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"fusion-builder","versions":[{"version":"n/a","lessThanOrEqual":"3.15.4","versionType":"custom","status":"affected","changes":[{"at":"3.15.5","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T16:04:22.774398Z","id":"CVE-2026-56008","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/fusion-builder/vulnerability/wordpress-fusion-builder-plugin-3-15-4-privilege-escalation-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56028","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:42.660","lastModified":"2026-06-29T18:16:38.210","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Privilege Escalation in Easy Elements for Elementor &#8211; Addons &amp; Website Templates <= 1.4.9 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"themewant","product":"Easy Elements for Elementor &#8211; Addons &amp; Website Templates","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"easy-elements","versions":[{"version":"n/a","lessThanOrEqual":"1.4.9","versionType":"custom","status":"affected","changes":[{"at":"1.5.0","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:45:13.300116Z","id":"CVE-2026-56028","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/easy-elements/vulnerability/wordpress-easy-elements-for-elementor-addons-website-templates-plugin-1-4-9-privilege-escalation-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56034","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:43.380","lastModified":"2026-06-29T16:16:42.040","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated SQL Injection in Library Management System <= 3.5.7 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Online Web Tutor","product":"Library Management System","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"library-management-system","versions":[{"version":"n/a","lessThanOrEqual":"3.5.7","versionType":"custom","status":"affected","changes":[{"at":"3.5.8","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:18:34.497500Z","id":"CVE-2026-56034","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/library-management-system/vulnerability/wordpress-library-management-system-plugin-3-5-7-sql-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56041","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:44.087","lastModified":"2026-06-29T16:16:42.140","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Scripting (XSS) in Responsive Lightbox <= 2.7.6 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"dFactory","product":"Responsive Lightbox","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"responsive-lightbox","versions":[{"version":"n/a","lessThanOrEqual":"2.7.6","versionType":"custom","status":"affected","changes":[{"at":"2.7.7","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:15:10.518881Z","id":"CVE-2026-56041","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/responsive-lightbox/vulnerability/wordpress-responsive-lightbox-plugin-2-7-6-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56048","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:44.793","lastModified":"2026-06-29T16:16:42.240","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Insecure Direct Object References (IDOR) in Payment Gateway Based Fees and Discounts for WooCommerce <= 3.0.0 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"tychesoftwares","product":"Payment Gateway Based Fees and Discounts for WooCommerce","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"checkout-fees-for-woocommerce","versions":[{"version":"n/a","lessThanOrEqual":"3.0.0","versionType":"custom","status":"affected","changes":[{"at":"3.1.0","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:44:27.516540Z","id":"CVE-2026-56048","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/checkout-fees-for-woocommerce/vulnerability/wordpress-payment-gateway-based-fees-and-discounts-for-woocommerce-plugin-3-0-0-insecure-direct-object-references-idor-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56061","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:45.503","lastModified":"2026-06-29T16:16:42.347","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Broken Access Control in Subscriptions for WooCommerce <= 1.9.5 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"WP Swings","product":"Subscriptions for WooCommerce","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"subscriptions-for-woocommerce","versions":[{"version":"n/a","lessThanOrEqual":"1.9.5","versionType":"custom","status":"affected","changes":[{"at":"1.9.6","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:07:00.974539Z","id":"CVE-2026-56061","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/subscriptions-for-woocommerce/vulnerability/wordpress-subscriptions-for-woocommerce-plugin-1-9-5-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-56068","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:46.620","lastModified":"2026-06-29T15:16:42.103","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated SQL Injection in JetEngine <= 3.8.10.2 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Crocoblock. Jetimpex Inc.","product":"JetEngine","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"jet-engine","versions":[{"version":"n/a","lessThanOrEqual":"3.8.10.2","versionType":"custom","status":"affected","changes":[{"at":"3.8.11","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:47:44.559954Z","id":"CVE-2026-56068","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/jet-engine/vulnerability/wordpress-jetengine-plugin-3-8-10-2-sql-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57314","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:48.037","lastModified":"2026-06-29T16:16:42.670","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Scripting (XSS) in SureCart <= 4.3.2 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"SureCart","product":"SureCart","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"surecart","versions":[{"version":"n/a","lessThanOrEqual":"4.3.2","versionType":"custom","status":"affected","changes":[{"at":"4.3.3","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:05:47.979470Z","id":"CVE-2026-57314","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/surecart/vulnerability/wordpress-surecart-plugin-4-3-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57321","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:48.743","lastModified":"2026-06-29T16:16:42.883","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Contributor Arbitrary File Deletion in H5P <= 1.17.7 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"icc0rz","product":"H5P","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"h5p","versions":[{"version":"n/a","lessThanOrEqual":"1.17.7","versionType":"custom","status":"affected","changes":[{"at":"1.17.8","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:00:51.377469Z","id":"CVE-2026-57321","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/h5p/vulnerability/wordpress-h5p-plugin-1-17-7-arbitrary-file-deletion-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57431","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:49.460","lastModified":"2026-06-29T15:16:44.973","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Author Cross Site Scripting (XSS) in Featured Image <= 2.1 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Mervin Praison","product":"Featured Image","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"featured-image","versions":[{"version":"n/a","lessThanOrEqual":"2.1","versionType":"custom","status":"affected","changes":[{"at":"2.2","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:43:41.297106Z","id":"CVE-2026-57431","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/featured-image/vulnerability/wordpress-featured-image-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57629","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:50.323","lastModified":"2026-06-29T16:16:44.383","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Contributor Cross Site Scripting (XSS) in StatCounter <= 2.1.1 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"StatCounter","product":"StatCounter","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"official-statcounter-plugin-for-wordpress","versions":[{"version":"n/a","lessThanOrEqual":"2.1.1","versionType":"custom","status":"affected","changes":[{"at":"2.1.2","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:50:20.896343Z","id":"CVE-2026-57629","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/official-statcounter-plugin-for-wordpress/vulnerability/wordpress-statcounter-plugin-2-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57635","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:51.030","lastModified":"2026-06-29T15:16:45.183","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Request Forgery (CSRF) in FunnelKit Payment Gateway for Stripe WooCommerce <= 1.14.0.3 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"FunnelKit","product":"FunnelKit Payment Gateway for Stripe WooCommerce","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"funnelkit-stripe-woo-payment-gateway","versions":[{"version":"n/a","lessThanOrEqual":"1.14.0.3","versionType":"custom","status":"affected","changes":[{"at":"1.14.0.4","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:31:08.706346Z","id":"CVE-2026-57635","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/funnelkit-stripe-woo-payment-gateway/vulnerability/wordpress-funnelkit-payment-gateway-for-stripe-woocommerce-plugin-1-14-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57642","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:51.857","lastModified":"2026-06-29T16:16:44.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Contributor SQL Injection in Gallery  <= 4.7.8 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"bestwebsoft","product":"Gallery","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"gallery-plugin","versions":[{"version":"n/a","lessThanOrEqual":"4.7.8","versionType":"custom","status":"affected","changes":[{"at":"4.7.9","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:54:02.472760Z","id":"CVE-2026-57642","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/gallery-plugin/vulnerability/wordpress-gallery-plugin-4-7-8-sql-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57648","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:52.637","lastModified":"2026-06-29T15:16:45.283","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Contributor Broken Access Control in Nelio Content <= 4.3.4 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Nelio Software","product":"Nelio Content","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"nelio-content","versions":[{"version":"n/a","lessThanOrEqual":"4.3.4","versionType":"custom","status":"affected","changes":[{"at":"4.3.5","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:40:19.017908Z","id":"CVE-2026-57648","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/nelio-content/vulnerability/wordpress-nelio-content-plugin-4-3-4-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57654","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:53.523","lastModified":"2026-06-29T15:16:45.377","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Affiliate Broken Access Control in Affiliates Manager <= 2.9.49 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"wp.insider","product":"Affiliates Manager","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"affiliates-manager","versions":[{"version":"n/a","lessThanOrEqual":"2.9.49","versionType":"custom","status":"affected","changes":[{"at":"2.9.50","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:33:43.128940Z","id":"CVE-2026-57654","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/affiliates-manager/vulnerability/wordpress-affiliates-manager-plugin-2-9-49-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57660","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:55.100","lastModified":"2026-06-29T15:16:45.470","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"magepeopleteam","product":"Booking and Rental Manager","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"booking-and-rental-manager-for-woocommerce","versions":[{"version":"n/a","lessThanOrEqual":"2.7.1","versionType":"custom","status":"affected","changes":[{"at":"2.7.2","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:44:24.804192Z","id":"CVE-2026-57660","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/booking-and-rental-manager-for-woocommerce/vulnerability/wordpress-booking-and-rental-manager-plugin-2-7-1-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57667","sourceIdentifier":"audit@patchstack.com","published":"2026-06-26T15:16:55.810","lastModified":"2026-06-29T15:16:45.573","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Sales Representative SQL Injection in Groundhogg <= 4.5 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Adrian Tobey","product":"Groundhogg","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"groundhogg","versions":[{"version":"n/a","lessThanOrEqual":"4.5","versionType":"custom","status":"affected","changes":[{"at":"4.5.1","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:36:07.138191Z","id":"CVE-2026-57667","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/groundhogg/vulnerability/wordpress-groundhogg-plugin-4-5-sql-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-21734","sourceIdentifier":"367425dc-4d06-4041-9650-c2dc6aaa27ce","published":"2026-06-26T16:16:30.557","lastModified":"2026-06-29T18:44:35.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device.\n\n\n\nAn edge case using a very small value in GPU shader code can cause a segmentation fault in the GPU shader compiler due to am out-of-bounds write."}],"affected":[{"source":"367425dc-4d06-4041-9650-c2dc6aaa27ce","affectedData":[{"vendor":"Imagination Technologies","product":"Graphics DDK","defaultStatus":"unknown","platforms":["Linux","Android"],"versions":[{"version":"1.18 RTM","versionType":"custom","status":"affected"},{"version":"23.2 RTM","versionType":"custom","status":"affected"},{"version":"24.1 RTM","lessThanOrEqual":"24.2 RTM","versionType":"custom","status":"affected"},{"version":"25.1 RTM","lessThanOrEqual":"25.3 RTM","versionType":"custom","status":"affected"},{"version":"26.1 RTM","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T19:12:05.663656Z","id":"CVE-2026-21734","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"367425dc-4d06-4041-9650-c2dc6aaa27ce","type":"Secondary","description":[{"lang":"en","value":"CWE-823"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:imaginationtech:ddk:*:*:*:*:*:*:*:*","versionEndIncluding":"25.2","matchCriteriaId":"1D75CD5B-2B2E-44C9-8422-D808630103B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:imaginationtech:ddk:25.3:rtm:*:*:*:*:*:*","matchCriteriaId":"6B3E39FF-6C96-4A0B-9CE1-595C785DF920"}]}]}],"references":[{"url":"https://www.imaginationtech.com/gpu-driver-vulnerabilities/","source":"367425dc-4d06-4041-9650-c2dc6aaa27ce","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45195","sourceIdentifier":"367425dc-4d06-4041-9650-c2dc6aaa27ce","published":"2026-06-26T16:16:30.893","lastModified":"2026-06-29T18:44:21.100","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel.\n\n\n\nAddresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses than are permitted by the system."}],"affected":[{"source":"367425dc-4d06-4041-9650-c2dc6aaa27ce","affectedData":[{"vendor":"Imagination Technologies","product":"Graphics DDK","defaultStatus":"unknown","platforms":["Linux","Android"],"versions":[{"version":"1.18 RTM","versionType":"custom","status":"affected"},{"version":"23.2 RTM","versionType":"custom","status":"affected"},{"version":"24.2 RTM","versionType":"custom","status":"affected"},{"version":"25.1 RTM","lessThanOrEqual":"25.3 RTM","versionType":"custom","status":"affected"},{"version":"26.1 RTM","versionType":"custom","status":"affected"},{"version":"26.2 RTM","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T19:14:26.787970Z","id":"CVE-2026-45195","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"367425dc-4d06-4041-9650-c2dc6aaa27ce","type":"Secondary","description":[{"lang":"en","value":"CWE-280"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:imaginationtech:ddk:*:*:*:*:*:*:*:*","versionEndIncluding":"25.3","matchCriteriaId":"CA5B5D24-BD0C-46D4-BBE4-4A983B0D7FDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:imaginationtech:ddk:26.1:rtm1:*:*:*:*:*:*","matchCriteriaId":"B6047F4B-B29A-44F7-8F80-8A53C1917F38"}]}]}],"references":[{"url":"https://www.imaginationtech.com/gpu-driver-vulnerabilities/","source":"367425dc-4d06-4041-9650-c2dc6aaa27ce","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-5757","sourceIdentifier":"cret@cert.org","published":"2026-06-26T16:16:36.917","lastModified":"2026-06-29T13:49:03.420","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence."}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"Ollama AI","product":"Ollama","versions":[{"version":"v0.13.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T18:37:59.802606Z","id":"CVE-2026-5757","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:*","versionEndIncluding":"0.13.5","matchCriteriaId":"2D2FE797-DC0D-42D8-9CEA-18CD363B877A"}]}]}],"references":[{"url":"https://kb.cert.org/vuls/id/518910","source":"cret@cert.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://ollama.com","source":"cret@cert.org","tags":["Product"]},{"url":"https://www.kb.cert.org/vuls/id/518910","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2025-32423","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T17:16:31.553","lastModified":"2026-06-29T14:16:37.460","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there is a DoS vulnerability in ExtractTextInformationBlock. Malicious users can amplify their input. For example, if a malicious user inputs 10K of content, the server will consume 50G of memory, eventually causing memory resources to be exhausted, resulting in DoS. This vulnerability is fixed in 0.6.32."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Significant-Gravitas","product":"AutoGPT","versions":[{"version":"< 0.6.32","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:29:40.945970Z","id":"CVE-2025-32423","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-pppq-xx2w-7jpq","source":"security-advisories@github.com"},{"url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-pppq-xx2w-7jpq","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-54636","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T17:16:34.083","lastModified":"2026-06-29T14:16:57.970","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special shell characters - including, but not limited to, > or ; - can break out of the Docker container and execute commands on the host as the Dokku user. This vulnerability is fixed in 0.38.7."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dokku","product":"dokku","versions":[{"version":"< 0.38.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:28:46.363010Z","id":"CVE-2026-54636","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dokku:dokku:*:*:*:*:-:*:*:*","versionEndExcluding":"0.38.7","matchCriteriaId":"AA4918A7-B341-4B50-865E-F5020BB707D5"}]}]}],"references":[{"url":"https://github.com/dokku/dokku/pull/8672","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/dokku/dokku/security/advisories/GHSA-72vm-7pc2-x95w","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-33646","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T18:16:58.420","lastModified":"2026-06-29T14:16:49.923","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.3.10, mise processes .tool-versions files through the Tera template engine during parsing, with the exec() function registered, enabling arbitrary command execution. Unlike .mise.toml files, .tool-versions files are not subject to trust verification in non-paranoid mode. This means an attacker can place a malicious .tool-versions file in a git repository, and when a victim with mise activated cds into the directory, arbitrary commands execute without any trust prompt. This vulnerability is fixed in 2026.3.10."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"jdx","product":"mise","versions":[{"version":"< 2026.3.10","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:28:13.981681Z","id":"CVE-2026-33646","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/jdx/mise/security/advisories/GHSA-fjj5-v948-whjj","source":"security-advisories@github.com"},{"url":"https://github.com/jdx/mise/security/advisories/GHSA-fjj5-v948-whjj","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-47204","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T18:16:58.673","lastModified":"2026-06-29T14:16:53.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.26.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the envoy.filters.http.grpc_stats filter crashes (null pointer dereference / segfault) when a Connect protocol request (Content-Type: application/connect+proto or application/connect+json) hits a direct_response route. A single unauthenticated HTTP request crashes the Envoy process. This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.3","status":"affected"},{"version":">= 1.37.0, < 1.37.5","status":"affected"},{"version":">= 1.36.0, < 1.36.9","status":"affected"},{"version":">= 1.26.0, < 1.35.13","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:26:59.898189Z","id":"CVE-2026-47204","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.26.0","versionEndExcluding":"1.35.13","matchCriteriaId":"02DE4CCE-7B8A-4438-92E0-52DDB3551846"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.36.0","versionEndExcluding":"1.36.9","matchCriteriaId":"B1146A14-3C49-48C3-BC2A-1BBB202EBD84"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.5","matchCriteriaId":"2057BF79-00D1-4154-9DC0-3F278C72F4E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.3","matchCriteriaId":"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-3jxh-8p6x-7pf6","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-3jxh-8p6x-7pf6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47775","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T18:16:59.350","lastModified":"2026-06-29T18:10:33.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt()/decrypt() functions use AES-256-CBC without an authentication tag (no HMAC, no AEAD). The /callback endpoint returns HTTP 302 on successful decryption and HTTP 401 on padding failure, creating a padding oracle. An attacker who obtains the encrypted CodeVerifier cookie can recover the plaintext PKCE code_verifier in ~6,200 requests (~100 seconds), then exchange it with a stolen authorization code to obtain the victim's access token. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.1","status":"affected"},{"version":">= 1.37.0, < 1.37.3","status":"affected"},{"version":">= 1.36.0, < 1.36.7","status":"affected"},{"version":"< 1.35.11","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:05:22.645121Z","id":"CVE-2026-47775","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-209"},{"lang":"en","value":"CWE-327"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.35.0","versionEndExcluding":"1.35.11","matchCriteriaId":"D0D8A448-3D11-4236-A3E1-BEF6537F7B78"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.36.0","versionEndExcluding":"1.36.7","matchCriteriaId":"C0A19272-7178-4FCE-A4D3-5E578A871D4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.3","matchCriteriaId":"24F12FF2-A40F-4C2C-B9C4-F59A22B99843"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.1","matchCriteriaId":"54B4E89D-3622-4F96-A599-E85109E8D4DD"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-396h-jpq4-vc7p","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory","Mitigation"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-396h-jpq4-vc7p","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-47778","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T18:16:59.480","lastModified":"2026-06-29T18:49:25.843","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .c_str() before being passed to the Utility::dnsNameMatch() algorithm. If the attacker serves a certificate with a dNSName SAN containing an embedded NUL byte, the helper Utility::generalNameAsString captures the complete string including the NUL. However, when .c_str() evaluates it, implicit conversion to absl::string_view inside dnsNameMatch relies on strlen(), prematurely truncating the evaluation context. Envoy evaluates trucated string against the exact required config_san match and returns true, thereby successfully validating the string with the Nul byte for an upstream routing. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.1","status":"affected"},{"version":">= 1.37.0, < 1.37.3","status":"affected"},{"version":">= 1.36.0, < 1.36.7","status":"affected"},{"version":"< 1.35.11","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-27T02:52:00.418621Z","id":"CVE-2026-47778","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-158"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionEndExcluding":"1.35.13","matchCriteriaId":"3327F1D2-8A35-41E5-B720-06528D0856C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.36.0","versionEndExcluding":"1.36.9","matchCriteriaId":"B1146A14-3C49-48C3-BC2A-1BBB202EBD84"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.5","matchCriteriaId":"2057BF79-00D1-4154-9DC0-3F278C72F4E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.3","matchCriteriaId":"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory","Mitigation"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-f8x4-rw5x-f3r7","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-48042","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T18:16:59.630","lastModified":"2026-06-29T18:42:17.407","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSON Object results in stack overflow when deeply O(100K) nested objects are present. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.1","status":"affected"},{"version":">= 1.37.0, < 1.37.3","status":"affected"},{"version":">= 1.36.0, < 1.36.7","status":"affected"},{"version":"< 1.35.11","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:27:35.763864Z","id":"CVE-2026-48042","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1124"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18.0","versionEndExcluding":"1.35.13","matchCriteriaId":"F5FC4474-33FC-43D6-9814-3B713466DDDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.36.0","versionEndExcluding":"1.36.9","matchCriteriaId":"B1146A14-3C49-48C3-BC2A-1BBB202EBD84"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.5","matchCriteriaId":"2057BF79-00D1-4154-9DC0-3F278C72F4E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.3","matchCriteriaId":"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/blob/099a9d71ebfd8aa9f823e1738b34138cb634a07b/source/common/json/json_loader.h#L21","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-f24p-rxw2-g6pv","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-f24p-rxw2-g6pv","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48044","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T18:16:59.767","lastModified":"2026-06-29T18:40:43.537","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.23.0 until 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a  vulnerability has been identified in Envoy's zstd decompressor implementation (ZstdDecompressorImpl). When zstd decompression is enabled, processing a specially crafted, highly compressed zstd payload can lead to massive memory allocation. An attacker can exploit this to cause severe memory exhaustion, potentially resulting in an Out-Of-Memory (OOM) kill and Denial of Service (DoS) for the Envoy proxy. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.1","status":"affected"},{"version":">= 1.37.0, < 1.37.3","status":"affected"},{"version":">= 1.36.0, < 1.36.7","status":"affected"},{"version":">= 1.23.0, < 1.35.11","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T18:31:06.118463Z","id":"CVE-2026-48044","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-409"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.23.0","versionEndExcluding":"1.35.13","matchCriteriaId":"393300D8-1B04-493A-83B5-E8AEF0946D76"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.36.0","versionEndExcluding":"1.36.9","matchCriteriaId":"B1146A14-3C49-48C3-BC2A-1BBB202EBD84"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.5","matchCriteriaId":"2057BF79-00D1-4154-9DC0-3F278C72F4E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.3","matchCriteriaId":"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-m3p9-47wh-88wg","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory","Exploit"]}]}},{"cve":{"id":"CVE-2026-48497","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T18:16:59.897","lastModified":"2026-06-29T18:36:40.677","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, in cases where UDP DNS filter is configured with local resolution containing a name with the length of 255 octets or remote resolution for a name of 255 octets long can complete successfully, a query with such name will result in abnormal process termination. The abnormal process termination is triggered by an invalid runtime precondition that the query name is strictly less than 255 octets, contradicting DNS specification rfc1035#section-2.3.4 that the name can be 255 or less octets. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.1","status":"affected"},{"version":">= 1.37.0, < 1.37.3","status":"affected"},{"version":">= 1.36.0, < 1.36.7","status":"affected"},{"version":"< 1.35.11","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T18:32:39.500724Z","id":"CVE-2026-48497","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-480"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionEndExcluding":"1.35.13","matchCriteriaId":"3327F1D2-8A35-41E5-B720-06528D0856C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.36.0","versionEndExcluding":"1.36.9","matchCriteriaId":"B1146A14-3C49-48C3-BC2A-1BBB202EBD84"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.5","matchCriteriaId":"2057BF79-00D1-4154-9DC0-3F278C72F4E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.3","matchCriteriaId":"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-j6g2-wf95-q66q","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48706","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T18:17:00.027","lastModified":"2026-06-29T18:34:15.677","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy's TCP StatsD sink (TcpStatsdSink), where the thread-local flusher buffer can be overflowed by exceptionally long statistic names (e.g., >16KiB). During formatting, TcpStatsdSink reserves a single contiguous memory slice of 16KiB (FLUSH_SLICE_SIZE_BYTES). If formatting a single metric exceeds the remaining capacity, the flusher initiates a buffer rotation but incorrectly continues to allocate another fixed 16KiB slice. If an attacker can trigger a statistic name longer than 16KiB—for example, by sending an HTTP or gRPC request with an extremely long request path (:path) that is recorded by the grpc_stats filter configured with stats_for_all_methods: true—the flusher will attempt to copy the metric name using memcpy operations beyond the allocated heap buffer boundaries. This leads to a heap write overflow, which can cause immediate denial-of-service (process crash) or potential remote code execution (RCE). This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.3","status":"affected"},{"version":">= 1.37.0, < 1.37.5","status":"affected"},{"version":">= 1.36.0, < 1.36.9","status":"affected"},{"version":">= 1.34.0, < 1.35.13","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T19:05:13.902352Z","id":"CVE-2026-48706","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.34.0","versionEndExcluding":"1.35.13","matchCriteriaId":"FCF9A646-8301-48C6-9A3D-F53AFAE75C39"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.36.0","versionEndExcluding":"1.36.9","matchCriteriaId":"B1146A14-3C49-48C3-BC2A-1BBB202EBD84"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.5","matchCriteriaId":"2057BF79-00D1-4154-9DC0-3F278C72F4E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.3","matchCriteriaId":"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-7q3f-gwg7-j8g4","source":"security-advisories@github.com","tags":["Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-48743","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T18:17:00.173","lastModified":"2026-06-29T18:27:36.190","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that is complete at the transport layer (HEADERS with FIN / headers-only close) but still carries a nonzero Content-Length into a complete upstream HTTP/1 request with unresolved body debt. In an HTTP/1 upstream deployment where the origin replies before reading the declared body and keeps the connection reusable, the beginning of the next Envoy-generated upstream request can be consumed as the first request's body. The remaining bytes are then parsed by the origin as a new HTTP/1 request. This was reproduced as a route-bypass/desync: direct /pwn was denied by Envoy, but the second downstream H3 stream received the response for backend-parsed GET /pwn HTTP/1.1. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.1","status":"affected"},{"version":">= 1.37.0, < 1.37.3","status":"affected"},{"version":">= 1.36.0, < 1.36.7","status":"affected"},{"version":">= 1.35.0, < 1.35.11","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:04:55.378026Z","id":"CVE-2026-48743","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-444"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.35.0","versionEndExcluding":"1.35.13","matchCriteriaId":"AB149324-8F14-48A5-ABC1-B4764A0BC33B"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.36.0","versionEndExcluding":"1.36.9","matchCriteriaId":"B1146A14-3C49-48C3-BC2A-1BBB202EBD84"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.5","matchCriteriaId":"2057BF79-00D1-4154-9DC0-3F278C72F4E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.3","matchCriteriaId":"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-8phg-2h2q-jgxf","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory","Mitigation"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-8phg-2h2q-jgxf","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-13372","sourceIdentifier":"security@devolutions.net","published":"2026-06-26T19:16:39.897","lastModified":"2026-06-29T14:56:14.573","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect link resolution by display name in the custom PowerShell VPN editor in Devolutions Remote Desktop Manager 2026.2.5 through 2026.2.11 allows an authenticated attacker with write access to a shared workspace to execute a PowerShell script in another user's context via a display name collision with an existing VPN script link."}],"affected":[{"source":"security@devolutions.net","affectedData":[{"vendor":"Devolutions","product":"Remote Desktop Manager","defaultStatus":"unaffected","versions":[{"version":"2026.2.5","lessThan":"2026.2.11","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T19:24:36.727911Z","id":"CVE-2026-13372","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@devolutions.net","type":"Secondary","description":[{"lang":"en","value":"CWE-706"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:windows:*:*","versionStartIncluding":"2026.2.5.0","versionEndIncluding":"2026.2.12.0","matchCriteriaId":"00D629B0-8254-4BC1-9996-6CF28F091255"}]}]}],"references":[{"url":"https://devolutions.net/security/advisories/DEVO-2026-0021/","source":"security@devolutions.net","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47205","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T19:16:40.853","lastModified":"2026-06-29T18:21:30.567","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.36.0 until 1.36.9, 1.37.5, and 1.38.3, a Use-After-Free (UAF) vulnerability leading to a sudden segmentation fault exists in Envoy's ext_authz HTTP filter when processing per-route authorization overrides concurrently with rapid downstream client disconnects. During standard request lifecycles, Envoy instantiates the ext_authz filter with a foundational authorization client object (client_). If a matched route dictates a dynamic per-route HTTP or gRPC authorization service override, the filter generates a localized client. In the vulnerable implementation, this transient client aggressively overwrote the default client_ unique pointer by executing client_ = std::move(per_route_client). When a client rapidly establishes and subsequently tears down a stream (such as rapidly refreshing a protected WebSocket endpoint), the downstream triggers the ConnectionManagerImpl::doDeferredStreamDestroy() -> ActiveStream::onResetStream() lifecycle. Envoy immediately sequences Filter::onDestroy() in an attempt to securely abort dispatched asynchronous authorization check transactions via client_->cancel(). By destructing the default client abruptly during initiateCall, a memory lifecycle misalignment occurs within the async client manager. The stream teardown fails to reliably track and cancel the dynamically bound asynchronous authorization tasks, orchestrating a sequence where a late asynchronous callback from the network evaluates against a heavily destroyed ActiveStream validation span, generating a UAF process crash. This vulnerability is fixed in 1.36.9, 1.37.5, and 1.38.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.3","status":"affected"},{"version":">= 1.37.0, < 1.37.5","status":"affected"},{"version":">= 1.36.0, < 1.36.9","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-27T02:54:07.255044Z","id":"CVE-2026-47205","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.36.0","versionEndExcluding":"1.36.9","matchCriteriaId":"B1146A14-3C49-48C3-BC2A-1BBB202EBD84"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.5","matchCriteriaId":"2057BF79-00D1-4154-9DC0-3F278C72F4E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.3","matchCriteriaId":"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-mvh9-767w-x47j","source":"security-advisories@github.com","tags":["Vendor Advisory","Exploit","Mitigation"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-mvh9-767w-x47j","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Vendor Advisory","Exploit","Mitigation"]}]}},{"cve":{"id":"CVE-2026-32833","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-26T20:16:54.583","lastModified":"2026-06-29T14:16:49.310","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface. Attackers can submit malicious payloads through the NTP settings endpoint to achieve remote code execution on the underlying system."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Shenzhen Cudy Technology Co., Ltd.","product":"LT300 3.0","defaultStatus":"affected","versions":[{"version":"0","lessThan":"2.5.12","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:21:51.670408Z","id":"CVE-2026-32833","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://www.cudy.com/en-us/pages/download-center/lt300-3-0","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/cudy-lt300-os-command-injection-via-ntp-configuration","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-44731","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:02.943","lastModified":"2026-06-29T14:16:52.033","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the web application's meetings filter feature leaks whether a given user ID corresponds to a valid account and discloses the user's full name, allowing an attacker to enumerate all existing user accounts by probing user IDs and observing differences in the server response. This vulnerability is fixed in 17.3.2 and 17.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.3.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:22:22.273307Z","id":"CVE-2026-44731","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-x7j3-cfgf-7mc4","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-44732","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:03.093","lastModified":"2026-06-29T14:16:52.150","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, OpenProject exposes a document update endpoint used to modify existing documents. The target document is loaded with visibility checks and then updated. During update, attacker-controlled attributes are applied to the persisted record before authorization is enforced. As a result, a user without :manage_documents in the source project can move and modify foreign project documents by setting project_id in a single PATCH request. This vulnerability is fixed in 17.3.2 and 17.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.3.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:07:05.741521Z","id":"CVE-2026-44732","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-mqvv-5mvc-7pg7","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-44733","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:03.240","lastModified":"2026-06-29T14:16:52.263","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, Business Logic Error on OpenProject through PATCH request to /api/v3/users/me permits to bypass password requirements. A password validation flaw in the change password behavior allows attackers to change a user's password only with an active session takeover. This vulnerability is fixed in 17.3.2 and 17.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.3.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:16:15.977198Z","id":"CVE-2026-44733","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-620"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-px7f-cj9f-7m4m","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-44735","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:03.520","lastModified":"2026-06-29T16:16:40.010","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.3.2 and 17.4.0, the GET /api/v3/shares endpoint returns share details for ALL work packages in a project to any user with the view_shared_work_packages permission. The authorization check operates at the project level only — it does not verify the requesting user can actually view each individual shared work package. This allows a regular project member to discover work package IDs and subjects (including confidential titles), which users have been granted shared access, what role level was assigned (Editor, Commenter, Viewer). This vulnerability is fixed in 17.3.2 and 17.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.3.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:00:12.504884Z","id":"CVE-2026-44735","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-cfg3-f34w-9xx5","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-46386","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:13.380","lastModified":"2026-06-29T14:16:52.927","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to , the official openproject/openproject Docker image ships ENV SECRET_KEY_BASE=OVERWRITE_ME as the default Rails master key. Combined with cookies_serializer = :marshal, this gives any logged-in user a deterministic Marshal-deserialization path reachable via the /my/two_factor_devices cookie reader This vulnerability is fixed in ."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":">= 8.3.0, < 17.2.4","status":"affected"},{"version":">= 17.3.0, < 17.3.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:23:02.803038Z","id":"CVE-2026-46386","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-502"},{"lang":"en","value":"CWE-798"},{"lang":"en","value":"CWE-1188"},{"lang":"en","value":"CWE-1392"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-r85r-gjq2-f83r","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-49355","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:17.583","lastModified":"2026-06-29T14:16:54.660","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.4.0, `GET /api/v3/meetings/:meeting_id/agenda_items/:agenda_item_id` discloses private work package data from a linked work package that belongs to a private/inaccessible project. This vulnerability is fixed in 17.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:06:41.277703Z","id":"CVE-2026-49355","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-g387-6rm2-xw88","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-49991","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:17.817","lastModified":"2026-06-29T14:16:55.580","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"RustFS is a distributed object storage system built in Rust. In 1.0.0-beta.4, authenticated users with only PutObject permission on their own bucket can exploit a path traversal vulnerability in the Snowball auto-extract feature to write arbitrary objects into other users' buckets, completely breaking multi-tenant isolation. The vulnerability chains three flaws: No ../ sanitization in tar entry key normalization; IAM wildcard matching uses raw (uncleaned) paths; and Filesystem path cleaning resolves ../ across bucket boundaries."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"rustfs","product":"rustfs","versions":[{"version":"1.0.0-beta.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:13:51.281652Z","id":"CVE-2026-49991","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/rustfs/rustfs/security/advisories/GHSA-f4vq-9ffr-m8m3","source":"security-advisories@github.com"},{"url":"https://github.com/rustfs/rustfs/security/advisories/GHSA-f4vq-9ffr-m8m3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-52779","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:18.360","lastModified":"2026-06-29T16:16:40.760","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, a cross-project IDOR / authorization context confusion in the Calendar and Team Planner modules allows a user with management permissions in one project to delete public Calendar or Team Planner Queries from another project where they do not have the corresponding management permissions. Both modules authorize the request against the project identified by :project_id in the URL, but the actual Query object is loaded later by :id from Query.visible(current_user) without verifying that the loaded Query belongs to the authorized project. As a result, an attacker can use permissions from Project A to delete shared/public Calendar or Team Planner views from Project B, causing integrity impact and limited availability impact for users relying on those shared views. This vulnerability is fixed in 17.3.3 and 17.4.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.3.3","status":"affected"},{"version":">= 17.4.0, < 17.4.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:14:01.909781Z","id":"CVE-2026-52779","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-jrx5-px3f-vfq4","source":"security-advisories@github.com"},{"url":"https://github.com/opf/openproject/security/advisories/GHSA-jrx5-px3f-vfq4","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-52781","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:18.613","lastModified":"2026-06-29T14:16:56.817","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the HTML sanitizer grants <macro> elements unrestricted data-* attributes via :data wildcard. An attacker injects data-controller=\"poll-for-changes\" into a work package description, causing Stimulus.js to mount a controller that fetches an attacker-uploaded attachment and passes it to renderStreamMessage(). This executes arbitrary Turbo Stream actions — including redirect_to — in every victim's authenticated browser session, redirecting them to an attacker-controlled server. This vulnerability is fixed in 17.3.3 and 17.4.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.3.3","status":"affected"},{"version":">= 17.4.0, < 17.4.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:24:36.959287Z","id":"CVE-2026-52781","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-q33w-f822-hg8x","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-52782","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:18.737","lastModified":"2026-06-29T14:16:56.933","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is an IDOR through /projects/<A>/settings/project_storages/<A_ps_id> via PATCH parameter \"storages_project_storage[project_folder_id]\" leads to Access to Unauthorized Resources. A project-admin in one project can hijack the managed Nextcloud or OneDrive folder of another project on the same storage by writing the victim project's project_folder_id into the attacker's Storages::ProjectStorage row. The next managed-folder sync overwrites the ACL on the referenced folder with the attacker project's user list. This vulnerability is fixed in 17.3.3 and 17.4.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.3.3","status":"affected"},{"version":">= 17.4.0, < 17.4.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:02:06.616305Z","id":"CVE-2026-52782","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-3vpx-94qx-xpw6","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-52783","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:18.860","lastModified":"2026-06-29T14:16:57.040","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, OpenProject's Storages module writes the OneDrive/SharePoint userless OAuth access_token plaintext to Rails.cache under the deterministic key storage.<id>.httpx_access_token, repopulated continuously by an hourly cron and every userless-OAuth call site (see Write cadence). None of the three allowed cache backends (file_store, memcache, redis) encrypts at rest. An attacker with read access to the cache backend recovers the Azure-AD application-tier bearer with an anonymous get over the memcached binary protocol (or the equivalent against Redis). This vulnerability is fixed in 17.3.3 and 17.4.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.3.3","status":"affected"},{"version":">= 17.4.0, < 17.4.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:17:22.766027Z","id":"CVE-2026-52783","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-313"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-h83w-5q5x-pq27","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-52785","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:19.133","lastModified":"2026-06-29T16:16:40.863","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is a SQL injection in timestamps functionality. OpenProject baseline comparison allows callers to request historic work-package attributes using the timestamps parameter. This vulnerability is fixed in 17.3.3 and 17.4.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"opf","product":"openproject","versions":[{"version":"< 17.3.3","status":"affected"},{"version":">= 17.4.0, < 17.4.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:00:30.614721Z","id":"CVE-2026-52785","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/opf/openproject/security/advisories/GHSA-98vw-2r87-fx2r","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-55189","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T20:17:26.717","lastModified":"2026-06-29T16:16:41.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, when the FTP frontend is enabled, the FTP read and probe handlers dispatch directly to the storage backend without ever calling the IAM authorization function that the FTP write/list handlers (and the entire HTTP S3 path) use. As a result, any user who can authenticate to the FTP listener — including a user whose IAM policy contains an explicit Deny on s3:GetObject — can read (RETR) and stat (SIZE/MDTM) any object in any bucket, and probe any bucket (CWD), completely regardless of their IAM policy. This vulnerability is fixed in 1.0.0-beta.9."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"rustfs","product":"rustfs","versions":[{"version":">= 1.0.0-alpha.1, <= 1.0.0-beta.8","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:03:31.819221Z","id":"CVE-2026-55189","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/rustfs/rustfs/security/advisories/GHSA-3g29-xff2-92vp","source":"security-advisories@github.com"},{"url":"https://github.com/rustfs/rustfs/security/advisories/GHSA-3g29-xff2-92vp","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-38639","sourceIdentifier":"cve@mitre.org","published":"2026-06-26T21:16:33.387","lastModified":"2026-06-29T19:27:07.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:56:39.618338Z","id":"CVE-2026-38639","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"references":[{"url":"https://github.com/Marsman1996/pocs/tree/master/redox/CVE-2026-38639","source":"cve@mitre.org"},{"url":"https://gitlab.redox-os.org/redox-os/relibc/-/issues/265","source":"cve@mitre.org"},{"url":"https://gitlab.redox-os.org/redox-os/relibc/-/merge_requests/990","source":"cve@mitre.org"},{"url":"https://gitlab.redox-os.org/redox-os/relibc/-/work_items/265","source":"cve@mitre.org"},{"url":"https://gitlab.redox-os.org/redox-os/relibc/-/work_items/265","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-38641","sourceIdentifier":"cve@mitre.org","published":"2026-06-26T21:16:33.497","lastModified":"2026-06-29T19:27:07.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the DSO::mmap_and_copy function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via loading a crafted shared library."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:45:34.466296Z","id":"CVE-2026-38641","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-404"}]}],"references":[{"url":"https://github.com/Marsman1996/pocs/tree/master/redox/CVE-2026-38641","source":"cve@mitre.org"},{"url":"https://gitlab.redox-os.org/redox-os/relibc/-/issues/263","source":"cve@mitre.org"},{"url":"https://gitlab.redox-os.org/redox-os/relibc/-/merge_requests/1046","source":"cve@mitre.org"},{"url":"https://gitlab.redox-os.org/redox-os/relibc/-/work_items/263","source":"cve@mitre.org"},{"url":"https://gitlab.redox-os.org/redox-os/relibc/-/work_items/263","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-39031","sourceIdentifier":"cve@mitre.org","published":"2026-06-26T21:16:33.600","lastModified":"2026-06-29T19:27:07.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a single SHA-1 hash and RC4 decryption operation, with no brute force required."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:37:09.839096Z","id":"CVE-2026-39031","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-321"}]}],"references":[{"url":"https://github.com/user6400/cve-2026-39031-lansweeper-lsrunase2-lsencrypt2","source":"cve@mitre.org"},{"url":"https://usermode.net/cve/lansweeper_lsrunase2_lsencrypt2_cve.pdf","source":"cve@mitre.org"},{"url":"https://github.com/user6400/cve-2026-39031-lansweeper-lsrunase2-lsencrypt2","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"},{"url":"https://usermode.net/cve/lansweeper_lsrunase2_lsencrypt2_cve.pdf","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-46710","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T21:16:33.903","lastModified":"2026-06-29T21:21:38.640","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Notepad++ is a free and open-source source code editor. From 8.9.4 until 8.9.6, Notepad++ contains a local privilege escalation vulnerability in the installer. During installation, the installer invokes powershell.exe without using an absolute path after setting the working directory to the installation contextMenu directory. If an attacker can pre-place a malicious powershell.exe in a user-writable custom installation directory, and a privileged user later runs the installer and selects that directory, the attacker-controlled executable is launched with the elevated privileges of the installer. This vulnerability is fixed in 8.9.6."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"notepad-plus-plus","product":"notepad-plus-plus","versions":[{"version":">= 8.9.4, < 8.9.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:21:01.228779Z","id":"CVE-2026-46710","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-426"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:notepad-plus-plus:notepad\\+\\+:*:*:*:*:*:*:*:*","versionStartIncluding":"8.9.4","versionEndExcluding":"8.9.6","matchCriteriaId":"B4FAE122-161E-4B79-BBB5-373FF3D1E0E8"}]}]}],"references":[{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/commit/1d4aabe2102d982667ead2dd974bee5e0b1f2d9c","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-6f8f-vmfc-r8c5","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48770","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T21:16:34.033","lastModified":"2026-06-29T21:21:52.510","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, a local process in the same interactive Windows session can send a malformed WM_COPYDATA message to Notepad++ using the COPYDATA_FULL_CMDLINE path. The handler appears to process COPYDATASTRUCT.lpData as an unbounded NUL-terminated wchar_t* instead of enforcing COPYDATASTRUCT.cbData. This vulnerability is fixed in 8.9.6.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"notepad-plus-plus","product":"notepad-plus-plus","versions":[{"version":"< 8.9.6.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:11:50.434471Z","id":"CVE-2026-48770","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:notepad-plus-plus:notepad\\+\\+:*:*:*:*:*:*:*:*","versionEndExcluding":"8.9.6.1","matchCriteriaId":"E0D0325F-713A-4523-8DE8-51517017DC16"}]}]}],"references":[{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/commit/f20a0888a92ce557a339b833cd9d9d8e97dc797d","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-r39g-3mcw-xcg2","source":"security-advisories@github.com","tags":["Exploit","Patch","Vendor Advisory","Mitigation"]},{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-r39g-3mcw-xcg2","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-48778","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T21:16:34.167","lastModified":"2026-06-29T21:22:02.437","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the <GUIConfig name=\"commandLineInterpreter\"> tag in config.xml is read by NppXml::value() (Parameters.cpp:6430) and stored in _nppGUI._commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDM_FILE_OPEN_CMD (File → Open Containing Folder → cmd), NppCommands.cpp:228 creates a Command object with this value and calls run(), which invokes ShellExecute (RunDlg.cpp:221) with the attacker-controlled string as the executable path. This vulnerability is fixed in 8.9.6.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"notepad-plus-plus","product":"notepad-plus-plus","versions":[{"version":"< 8.9.6.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:09:56.846745Z","id":"CVE-2026-48778","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:notepad-plus-plus:notepad\\+\\+:*:*:*:*:*:*:*:*","versionEndExcluding":"8.9.6.1","matchCriteriaId":"E0D0325F-713A-4523-8DE8-51517017DC16"}]}]}],"references":[{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/commit/24c7b5c63cece76dbc8c4f2607a27ebfe22fa614","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-7hm3-wp5q-ccv9","source":"security-advisories@github.com","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-7hm3-wp5q-ccv9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-52884","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T21:16:34.797","lastModified":"2026-06-29T21:22:26.173","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Notepad++ is a free and open-source source code editor. In v8.9.6.1, isInTrustedDirectory() does NOT canonicalize the path before checking. It uses a prefix-based check (PathIsPrefix() or equivalent) that matches paths starting with trusted directory strings. A path traversal using ..\\..\\ after a trusted directory prefix passes the check while resolving to an untrusted location. The CVE-2026-48800 patch adds isInTrustedDirectory() validation in Command::run() (RunDlg.cpp) before calling ShellExecute(). This function checks whether the resolved executable path is under a trusted directory.  This vulnerability is fixed in 8.9.6.2."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"notepad-plus-plus","product":"notepad-plus-plus","versions":[{"version":"= 8.9.6.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:10:33.378787Z","id":"CVE-2026-52884","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-42"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:notepad-plus-plus:notepad\\+\\+:8.9.6.1:*:*:*:*:*:*:*","matchCriteriaId":"FF4B62FE-F294-4DF6-AFFF-27478F8D4C80"}]}]}],"references":[{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/commit/ea1508855e9c4528f6198ce9d345f13cb759ebf4","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-p58x-r3c9-x9p6","source":"security-advisories@github.com","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-52885","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T21:16:34.920","lastModified":"2026-06-29T21:22:34.847","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Notepad++ is a free and open-source source code editor. Prior to 8.9.6.4, NppCommands.cpp checks the HMAC of the on-disk shortcuts.xml at the moment a user command fires (Time-of-Check). However, the command payload is taken from the in-memory _userCommands vector, which is populated at application startup and never re-synchronized with the on-disk file (Time-of-Use). Swapping shortcuts.xml between startup and command execution causes the HMAC check to validate a clean file while a malicious command runs. An attacker with write access to shortcuts.xml places a malicious version on disk before launch, then immediately restores the legitimate file. The HMAC check at execution time validates the restored legitimate file (check passes), while the malicious payload executes from memory. This vulnerability is fixed in 8.9.6.4."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"notepad-plus-plus","product":"notepad-plus-plus","versions":[{"version":"< 8.9.6.4","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:11:30.827250Z","id":"CVE-2026-52885","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:notepad-plus-plus:notepad\\+\\+:*:*:*:*:*:*:*:*","versionEndExcluding":"8.9.6.4","matchCriteriaId":"C08EFDC8-72A6-48D5-8201-DE843A33BB3B"}]}]}],"references":[{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/commit/4f7563c7c7f8ffa0d795ec86a7777067c7d644b5","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-qm4c-qg8p-qfcr","source":"security-advisories@github.com","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://github.com/notepad-plus-plus/notepad-plus-plus/security/advisories/GHSA-qm4c-qg8p-qfcr","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-36907","sourceIdentifier":"cve@mitre.org","published":"2026-06-26T22:16:31.637","lastModified":"2026-06-29T19:27:07.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A stack overflow in the AP4_StsdAtom::AP4_StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:03:23.111067Z","id":"CVE-2026-36907","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://github.com/Aleksoid1978/MPC-BE/issues/1005","source":"cve@mitre.org"},{"url":"https://github.com/axiomatic-systems/Bento4/issues/614","source":"cve@mitre.org"},{"url":"https://github.com/Aleksoid1978/MPC-BE/issues/1005","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"},{"url":"https://github.com/axiomatic-systems/Bento4/issues/614","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-36908","sourceIdentifier":"cve@mitre.org","published":"2026-06-26T22:16:31.747","lastModified":"2026-06-29T19:27:07.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A stack overflow in the AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:59:48.350440Z","id":"CVE-2026-36908","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://github.com/Aleksoid1978/MPC-BE/issues/1005","source":"cve@mitre.org"},{"url":"https://github.com/axiomatic-systems/Bento4/issues/842","source":"cve@mitre.org"},{"url":"https://github.com/Aleksoid1978/MPC-BE/issues/1005","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"},{"url":"https://github.com/z1r00/fuzz_vuln/blob/main/Bento4/mp42aac/poc4.zip","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-38571","sourceIdentifier":"cve@mitre.org","published":"2026-06-26T22:16:31.860","lastModified":"2026-06-29T19:27:39.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cleartext storage and exposure of WPA2 credentials, and missing authentication on the rr/wr memory read/write commands, in the unauthenticated UART debug console of the Tenda N300 F3 (V603) allow a physically proximate attacker to obtain stored WPA2 credentials in cleartext and to read or write arbitrary memory via the serial console."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:32:05.089769Z","id":"CVE-2026-38571","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"references":[{"url":"https://github.com/ZEssaidi-CS/Vulnerability-research/tree/main/CVE-2026-38571","source":"cve@mitre.org"},{"url":"https://github.com/ZEssaidi-CS/Vulnerability-research/tree/main/CVE-2026-38571","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55975","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2026-06-26T23:17:08.997","lastModified":"2026-06-29T19:24:39.393","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command execution with elevated privileges during certificate generation."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"H.VIEW","product":"HV-500S6 IP Camera","defaultStatus":"unaffected","versions":[{"version":"IPCAM_V4.06.88.251229","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:55:53.086128Z","id":"CVE-2026-55975","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-176-05.json","source":"ics-cert@hq.dhs.gov"},{"url":"https://hviewsmart.com/pages/contact-us","source":"ics-cert@hq.dhs.gov"},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-05","source":"ics-cert@hq.dhs.gov"}]}},{"cve":{"id":"CVE-2026-56414","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2026-06-26T23:17:09.137","lastModified":"2026-06-29T19:24:39.393","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability exists in H.View IP cameras certificate-related upload interfaces allow authenticated users to store arbitrary file content to fixed, persistent filesystem locations without validating file type, structure, or size. This design omission enables the placement of unexpected or malformed data in locations intended for trusted certificate material, which could affect system integrity or behavior even after reboot."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"H.VIEW","product":"HV-500S6 IP Camera","defaultStatus":"unaffected","versions":[{"version":"IPCAM_V4.06.88.251229","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:23:16.925321Z","id":"CVE-2026-56414","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-176-05.json","source":"ics-cert@hq.dhs.gov"},{"url":"https://hviewsmart.com/pages/contact-us","source":"ics-cert@hq.dhs.gov"},{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-05","source":"ics-cert@hq.dhs.gov"}]}},{"cve":{"id":"CVE-2026-11356","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T02:16:28.713","lastModified":"2026-06-29T20:17:32.243","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menu_title' and 'menu_magnifier_color' Settings in all versions up to, and including, 5.5.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"vinod-dalvi","product":"Ivory Search – WordPress Search Plugin","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"5.5.15","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:15:33.615432Z","id":"CVE-2026-11356","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.14/admin/class-is-settings-fields.php#L249","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.14/public/class-is-public.php#L1199","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.14/public/class-is-public.php#L222","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.14/public/class-is-public.php#L263","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.15/admin/class-is-settings-fields.php#L249","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.15/public/class-is-public.php#L1199","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.15/public/class-is-public.php#L222","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/add-search-to-menu/tags/5.5.15/public/class-is-public.php#L263","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3583051%40add-search-to-menu&new=3583051%40add-search-to-menu&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ab004836-8362-46d6-acfc-80f582605b43?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-13331","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T02:16:28.870","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'search' parameter in all versions up to, and including, 4.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with marketer-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"trainingbusinesspros","product":"Groundhogg — CRM, Newsletters, and Marketing Automation","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.5.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-27T03:16:15.411168Z","id":"CVE-2026-13331","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/api/v4/base-object-api.php#L488","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/db/db.php#L330","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/db/db.php#L395","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/db/steps.php#L231","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/db/steps.php#L254","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3586389%40groundhogg&new=3586389%40groundhogg&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/20ee6bc7-2732-4da3-b005-a971d12b0e32?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-13333","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T02:16:28.990","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via 'query[select]' Parameter in all versions up to, and including, 4.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Sales Representative-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. The sanitized Contact_Query code path can be bypassed by supplying an invalid filter type (e.g., query[filters][0][0][type]=invalid_filter_nonexistent), causing a FilterException to be caught and execution to fall through to the unsanitized Legacy_Contact_Query path."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"trainingbusinesspros","product":"Groundhogg — CRM, Newsletters, and Marketing Automation","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.5.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:55:16.037136Z","id":"CVE-2026-13333","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/api/v3/contacts-api.php#L287","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/includes/contact-query.php#L2585","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/includes/legacy-contact-query.php#L708","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/groundhogg/tags/4.5.5/includes/legacy-contact-query.php#L753","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3586389%40groundhogg&new=3586389%40groundhogg&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4a0c04fe-7a9f-4a3f-ba2c-3bdcb5dec060?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-13335","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T02:16:29.110","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The CodePeople Post Map for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'cpm_point' Post Meta in all versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"codepeople","product":"CodePeople Post Map for Google Maps","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.2.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:30:31.844784Z","id":"CVE-2026-13335","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/codepeople-post-map/tags/1.2.6/include/functions.php#L132","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/codepeople-post-map/tags/1.2.6/include/functions.php#L163","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/codepeople-post-map/tags/1.2.6/include/functions.php#L710","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/codepeople-post-map/tags/1.2.6/include/functions.php#L712","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/codepeople-post-map/tags/1.2.6/include/functions.php#L713","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/codepeople-post-map/tags/1.2.6/include/functions.php#L881","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3586404%40codepeople-post-map&new=3586404%40codepeople-post-map&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/411d6ca0-933a-4c68-9681-7fce9eb34c9d?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-13422","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T02:16:29.237","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce validation on the hdq_validate_nonce function. This makes it possible for unauthenticated attackers to delete or modify quizzes and questions, create new quizzes, and change plugin settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"harmonic_design","product":"HD Quiz","defaultStatus":"unaffected","versions":[{"version":"2.2.0","lessThanOrEqual":"2.2.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:16:24.172845Z","id":"CVE-2026-13422","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L155","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L179","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L53","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L68","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L7","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/actions-ajax.php#L87","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.0/includes/functions.php#L39","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L155","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L179","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L53","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L68","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L7","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/actions-ajax.php#L87","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.1/includes/functions.php#L39","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/hd-quiz/tags/2.2.2/includes/functions.php#L40","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c886ce5a-0633-4892-9471-c1a7ee858c93?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12415","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T05:16:41.620","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravel_invoice_edit_account() AJAX action in versions up to, and including, 1.0.0. The handler is exposed via wp_ajax_nopriv_pravel_invoice_edit_account, accepts an attacker-controlled user_id and user_email from POST data, and calls wp_update_user() without verifying authentication, ownership, or a nonce. This makes it possible for unauthenticated attackers to change the email address of any user, including administrators, and then trigger WordPress's password reset flow to gain access to the targeted account."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"pravel","product":"Invoice Generator","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:13:55.004055Z","id":"CVE-2026-12415","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/invoice-creator/trunk/lib/user-manage-function.php#L184","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/invoice-creator/trunk/lib/user-manage-function.php#L193","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/invoice-creator/trunk/lib/user-manage-function.php#L203","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ee045d0d-101a-4ae2-b209-4a4865eec195?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-10820","sourceIdentifier":"contact@wpscan.com","published":"2026-06-27T06:16:30.597","lastModified":"2026-06-29T19:15:23.213","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content  WordPress plugin before 4.16.17 does not verify that the user performing a subscription action owns the targeted subscription, allowing any authenticated user (Subscriber+) to cancel other users' active subscriptions via an Insecure Direct Object Reference."}],"affected":[{"source":"contact@wpscan.com","affectedData":[{"vendor":"Unknown","product":"Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"4.16.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:44:53.528755Z","id":"CVE-2026-10820","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://wpscan.com/vulnerability/cb7ad514-e0d5-4ff3-803a-918cdc194f39/","source":"contact@wpscan.com"}]}},{"cve":{"id":"CVE-2026-12404","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T06:16:31.617","lastModified":"2026-06-29T19:16:38.570","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to enumerate sequential report IDs and download complete form submission data — including names, email addresses, phone numbers, postal addresses, payment details, and uploaded file paths — for any saved report on the site."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"webaways","product":"NEX-Forms – Ultimate Forms Plugin for WordPress","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"9.2.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T18:49:58.099006Z","id":"CVE-2026-12404","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/nex-forms-express-wp-form-builder/tags/9.1.12/main.php#L3648","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/nex-forms-express-wp-form-builder/tags/9.1.12/main.php#L3654","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/nex-forms-express-wp-form-builder/tags/9.1.12/main.php#L3792","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/nex-forms-express-wp-form-builder/tags/9.2.2/main.php#L3648","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/nex-forms-express-wp-form-builder/tags/9.2.2/main.php#L3654","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/nex-forms-express-wp-form-builder/tags/9.2.2/main.php#L3792","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3584399%40nex-forms-express-wp-form-builder&new=3584399%40nex-forms-express-wp-form-builder&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ecf39f38-a476-47a8-a632-986b851895a6?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-13245","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T06:16:31.773","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The MaxButtons – Create buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'view' parameter in all versions up to, and including, 9.8.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"maxfoundry","product":"MaxButtons – Create buttons","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"9.8.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:11:36.752782Z","id":"CVE-2026-13245","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/maxbuttons/tags/9.8.5/classes/controllers/listController.php#L38","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/maxbuttons/tags/9.8.5/includes/maxbuttons-list.php#L62","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3586921%40maxbuttons&new=3586921%40maxbuttons&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5805b1f1-34e7-49d5-93dd-748113b6093b?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9677","sourceIdentifier":"contact@wpscan.com","published":"2026-06-27T06:16:34.783","lastModified":"2026-06-29T19:15:23.213","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Shariff for WordPress Shariff for WordPress plugin through 1.0.11 does not sanitize or escape the shariff_infourl setting before outputting it in the frontend HTML via the generateshariff() function, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."}],"affected":[{"source":"contact@wpscan.com","affectedData":[{"vendor":"Unknown","product":"Shariff for WordPress","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"1.0.11","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:44:17.256700Z","id":"CVE-2026-9677","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://wpscan.com/vulnerability/c40298d0-42c2-406c-817a-9bbf246bbeea/","source":"contact@wpscan.com"}]}},{"cve":{"id":"CVE-2026-11364","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:43.773","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the __invoke() methods of the AttributeGroupController and AttributeController classes, which are bound to the 'dwps_modify_groups' and 'dwps_modify_attributes' AJAX actions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create, edit, and delete arbitrary product specification groups and attributes (taxonomy terms in the 'spec-group' and attribute taxonomies), corrupting business data and impacting the site's frontend display."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"dornaweb","product":"Product Specifications for Woocommerce","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"0.8.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:53:39.962516Z","id":"CVE-2026-11364","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/product-specifications/tags/0.8.7/src/EntityUpdater/AttributeController.php#L18","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/product-specifications/tags/0.8.7/src/EntityUpdater/AttributeGroupController.php#L13","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/product-specifications/tags/0.8.7/src/EntityUpdater/Module.php#L19","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/product-specifications/tags/0.8.9/src/EntityUpdater/AttributeController.php#L18","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/product-specifications/tags/0.8.9/src/EntityUpdater/AttributeGroupController.php#L13","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/product-specifications/tags/0.8.9/src/EntityUpdater/Module.php#L19","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3580068%40product-specifications&new=3580068%40product-specifications&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/38318605-40f7-4676-b409-f98a6c27cbfe?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11597","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:43.910","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Surbma | Infusionsoft Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'infusionsoft-form' shortcode in versions up to, and including, 2.0.1. This is due to insufficient input sanitization and output escaping on user-supplied 'account' and 'id' shortcode attributes in the surbma_infusionsoft_shortcode_shortcode() function, which are concatenated directly into a <script> tag's src attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"surbma","product":"Surbma | Infusionsoft Shortcode","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.0.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:48:30.449594Z","id":"CVE-2026-11597","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/surbma-infusionsoft-shortcode/tags/2.0/surbma-infusionsoft-shortcode.php#L31","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/surbma-infusionsoft-shortcode/tags/2.0/surbma-infusionsoft-shortcode.php#L35","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3581906%40surbma-infusionsoft-shortcode&new=3581906%40surbma-infusionsoft-shortcode&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3581936%40surbma-infusionsoft-shortcode&new=3581936%40surbma-infusionsoft-shortcode&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c2a91fe9-f642-4a61-a175-ed5bb537bf08?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11773","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:44.050","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Masteriyo LMS – LMS Course Builder, Quizzes & Certificates plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with student-level access and above, to modify the description (post content) of arbitrary course announcements authored by instructors or administrators."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"masteriyo","product":"Masteriyo LMS – LMS Course Builder, Quizzes & Certificates","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.2.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:19:37.940286Z","id":"CVE-2026-11773","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/learning-management-system/tags/2.1.8/addons/course-announcement/Controllers/CourseAnnouncementController.php#L619","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/learning-management-system/tags/2.1.8/addons/course-announcement/Controllers/CourseAnnouncementController.php#L782","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/learning-management-system/tags/2.2.1/addons/course-announcement/Controllers/CourseAnnouncementController.php#L619","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/learning-management-system/tags/2.2.1/addons/course-announcement/Controllers/CourseAnnouncementController.php#L782","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3583519%40learning-management-system&new=3583519%40learning-management-system&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5780d762-2313-4c81-be02-99543359d824?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11783","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:44.197","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Product SKU in all versions up to, and including, 5.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with custom-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The malicious payload is delivered to site visitors — including unauthenticated users — when the store search widget inserts the unescaped AJAX response HTML into the DOM via jQuery's .html() method."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"dokaninc","product":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"5.0.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:13:22.151007Z","id":"CVE-2026-11783","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/4.3.3/includes/Product/Hooks.php#L117","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/4.3.3/includes/Product/Hooks.php#L137","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/4.3.3/includes/Product/Hooks.php#L161","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.3/includes/Product/Hooks.php#L117","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.3/includes/Product/Hooks.php#L137","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.3/includes/Product/Hooks.php#L161","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3578095%40dokan-lite&new=3578095%40dokan-lite&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/21065544-8a48-485b-88af-2e638b400de4?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11987","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:44.327","lastModified":"2026-06-29T20:17:32.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.0.4 via the 'id' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with subscriber-level access and above, to read any other vendor's products — including unpublished draft and pending listings — exposing product names, prices, SKUs, and descriptions belonging to other vendors. The permission callbacks for both the collection endpoint and the single-item endpoint only verify the generic vendor capability ('dokan_view_product_menu' / 'dokandar'), which every vendor holds, rather than confirming the requested author ID or product ownership matches the authenticated user."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"dokaninc","product":"Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"5.0.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:02:35.809645Z","id":"CVE-2026-11987","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/4.3.3/includes/Abstracts/DokanRESTController.php#L299","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/4.3.3/includes/Abstracts/DokanRESTController.php#L39","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/4.3.3/includes/Abstracts/DokanRESTController.php#L66","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/4.3.3/includes/REST/ProductController.php#L159","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/4.3.3/includes/REST/ProductController.php#L473","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/4.3.3/includes/REST/ProductController.php#L495","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.4/includes/Abstracts/DokanRESTController.php#L299","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.4/includes/Abstracts/DokanRESTController.php#L39","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.4/includes/Abstracts/DokanRESTController.php#L66","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.4/includes/REST/ProductController.php#L159","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.4/includes/REST/ProductController.php#L473","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dokan-lite/tags/5.0.4/includes/REST/ProductController.php#L495","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3578095%40dokan-lite&new=3578095%40dokan-lite&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1359945a-cf4e-4883-830b-53a3fcd40e56?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12399","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:44.443","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"jegstudio","product":"Gutenverse – WordPress Blocks, Page Builder & Site Editor","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"3.8.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:23:48.294132Z","id":"CVE-2026-12399","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.6.3/lib/framework/helper.php#L1440","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.6.3/lib/framework/helper.php#L1775","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.6.3/lib/framework/includes/class-api.php#L1956","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.6.3/lib/framework/includes/class-frontend-generator.php#L147","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.6.3/lib/framework/includes/class-global-variable.php#L78","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.8.0/lib/framework/helper.php#L1440","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.8.0/lib/framework/helper.php#L1775","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.8.0/lib/framework/includes/class-api.php#L1956","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.8.0/lib/framework/includes/class-frontend-generator.php#L147","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/gutenverse/tags/3.8.0/lib/framework/includes/class-global-variable.php#L78","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3578328%40gutenverse&new=3578328%40gutenverse&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/fd1c679b-43e0-4e3a-ae2d-f6ff8a657512?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12432","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:44.563","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The WP Full Stripe Free plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 8.4.3 via the wpfs_update_failed_payment_status AJAX action. The handler is registered through both wp_ajax_ and wp_ajax_nopriv_ hooks and the underlying update_failed_payment_status() function performs no capability check, no nonce verification, and no logged-in check before calling $this->db->updatePaymentByEventId() with attacker-controlled POST parameters. This makes it possible for unauthenticated attackers who can obtain a valid Stripe Payment Intent ID for the target site (Payment Intent IDs are exposed to the customer browser during normal Stripe.js checkout flows) to manipulate payment records in the site's database, marking previously successful payments as failed and overwriting failure codes and messages with attacker-supplied values."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"themeisle","product":"Stripe Payment Forms by WP Full Pay – Accept Credit Card Payments, Donations & Subscriptions","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"8.4.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:50:40.970266Z","id":"CVE-2026-12432","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/wp-full-stripe-free/tags/8.4.1/includes/wpfs-customer.php#L3840","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-full-stripe-free/tags/8.4.1/includes/wpfs-customer.php#L3865","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-full-stripe-free/tags/8.4.1/includes/wpfs-customer.php#L706","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-full-stripe-free/tags/8.4.1/includes/wpfs-database.php#L2652","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-full-stripe-free/tags/8.4.3/includes/wpfs-customer.php#L3840","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-full-stripe-free/tags/8.4.3/includes/wpfs-customer.php#L3865","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-full-stripe-free/tags/8.4.3/includes/wpfs-customer.php#L706","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-full-stripe-free/tags/8.4.3/includes/wpfs-database.php#L2652","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3584355%40wp-full-stripe-free&new=3584355%40wp-full-stripe-free&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c5811d13-0c5d-4a10-86a1-6318cc2e7663?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12471","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:44.680","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Spexo theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the activate_plugin function in all versions up to, and including, 2.0.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to activate a limited set of plugins."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"templatescoderthemes","product":"Spexo","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.0.11","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:48:18.110119Z","id":"CVE-2026-12471","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://themes.trac.wordpress.org/browser/spexo/2.0.11/inc/activation/class-welcome-notice.php#L304","source":"security@wordfence.com"},{"url":"https://themes.trac.wordpress.org/browser/spexo/2.0.6/inc/activation/class-welcome-notice.php","source":"security@wordfence.com"},{"url":"https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=334799%40spexo&new=334799%40spexo&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6ddf6da6-ec71-4206-8798-2c0c751b3209?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-13295","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:44.800","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via panels_data Parameter in all versions up to, and including, 2.34.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is possible because the nonce and edit_post capability checks enforced during save are both satisfied by Contributor-level users for their own posts, and the panels_data value is stored as post meta — outside the scope of WordPress's unfiltered_html carve-out — meaning no wp_kses fallback prevents the unsanitized WP_Widget_Custom_HTML content from being persisted and later rendered verbatim on the frontend."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"gpriday","product":"Page Builder by SiteOrigin","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.34.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:21:29.138985Z","id":"CVE-2026-13295","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/siteorigin-panels/tags/2.34.1/inc/admin.php#L1085","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/siteorigin-panels/tags/2.34.1/inc/admin.php#L236","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/siteorigin-panels/tags/2.34.1/inc/admin.php#L254","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/siteorigin-panels/tags/2.34.1/inc/renderer.php#L950","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/siteorigin-panels/tags/2.34.3/inc/admin.php#L1085","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/siteorigin-panels/tags/2.34.3/inc/admin.php#L236","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/siteorigin-panels/tags/2.34.3/inc/admin.php#L254","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/siteorigin-panels/tags/2.34.3/inc/renderer.php#L950","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3585987%40siteorigin-panels&new=3585987%40siteorigin-panels&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/7830b3dc-7d20-4516-b4d6-57636ca773e9?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-3462","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:44.923","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Frisbii Pay plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'upload_csv' and 'process_batch' functions in all versions up to, and including, 1.8.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary CSV data and overwrite WooCommerce payment tokens, postmeta, and order meta records."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"reepaydenmark","product":"Frisbii Pay","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.8.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:12:44.966866Z","id":"CVE-2026-3462","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/reepay-checkout-gateway/trunk/includes/Admin/MigrationMobilepayToVipps.php#L129","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/reepay-checkout-gateway/trunk/includes/Admin/MigrationMobilepayToVipps.php#L170","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/reepay-checkout-gateway/trunk/includes/Admin/MigrationMobilepayToVipps.php#L42","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset/3485246/","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/cf1ca22a-7fb6-457c-bde0-83f6744185be?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9233","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:45.770","lastModified":"2026-06-29T20:17:41.413","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with contributor-level access and above, to create, modify, and delete quiz output templates stored in the mlw_quiz_output_templates database table, including storing unsanitized HTML content such as arbitrary script tags."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"expresstech","product":"Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"11.1.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:04:11.317122Z","id":"CVE-2026-9233","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.0.0/mlw_quizmaster2.php#L931","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.0.0/php/admin/functions.php#L1557","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.0.0/php/admin/functions.php#L1563","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.0.0/php/admin/functions.php#L1638","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.0.0/php/admin/options-page-email-tab.php#L52","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/mlw_quizmaster2.php#L931","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/admin/functions.php#L1557","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/admin/functions.php#L1563","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/admin/functions.php#L1638","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/quiz-master-next/tags/11.1.2/php/admin/options-page-email-tab.php#L52","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3570062%40quiz-master-next&new=3570062%40quiz-master-next&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/38db911b-cad5-4c8c-b0a4-70dc543b4591?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9242","sourceIdentifier":"security@wordfence.com","published":"2026-06-27T08:16:45.893","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Verification of Data Authenticity in all versions up to and including 6.0.8.6. This is due to the PayPal IPN `callback` handler being registered as a nopriv AJAX action with no authentication or nonce requirement, and critically because the handler updates the payment log database row with attacker-controlled POST data — including `payment_status` and the `custom` field encoding the target `user_id` — before PayPal IPN validation is performed, meaning the database remains poisoned even when validation subsequently fails. This makes it possible for unauthenticated attackers to authenticate as any WordPress user, including administrators, by submitting a forged IPN request that overwrites a payment log entry's `user_id` with that of a target account, then visiting the success return URL with a legitimately obtained security hash to cause the plugin to issue real WordPress authentication cookies for the targeted account."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"metagauss","product":"RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.0.8.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:22:27.759989Z","id":"CVE-2026-9242","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.8.1/includes/class_rm_utilities.php#L1384","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.8.1/public/class_rm_public.php#L728","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.8.1/services/class_rm_paypal_service.php#L110","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.8.1/services/class_rm_paypal_service.php#L155","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.8.4/includes/class_rm_utilities.php#L1384","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.8.4/public/class_rm_public.php#L728","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.8.4/services/class_rm_paypal_service.php#L110","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/tags/6.0.8.4/services/class_rm_paypal_service.php#L155","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/trunk/includes/class_rm_utilities.php#L1384","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/trunk/public/class_rm_public.php#L728","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/trunk/services/class_rm_paypal_service.php#L110","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/custom-registration-form-builder-with-submission-manager/trunk/services/class_rm_paypal_service.php#L155","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3532900%40custom-registration-form-builder-with-submission-manager&new=3532900%40custom-registration-form-builder-with-submission-manager&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1dcf68fd-e9d3-4a46-8bd4-15c2598b91fe?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-8095","sourceIdentifier":"security@wordfence.com","published":"2026-06-28T00:16:25.180","lastModified":"2026-06-29T18:40:23.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23.6. This is due to a case-sensitive bypass of the wpfm_dir_path parameter sanitization in the wpfm_file_meta_update AJAX handler, where supplying WPFM_DIR_PATH in uppercase evades the unset check and is normalized to wpfm_dir_path by sanitize_key() during update_post_meta(), allowing an attacker to overwrite the stored file path with an arbitrary filesystem path that is then passed directly to unlink() in delete_file_locally() without any directory containment validation. This makes it possible for authenticated attackers with Subscriber-level access to delete arbitrary files on the server, including sensitive files such as wp-config.php, potentially leading to full site takeover."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"nmedia","product":"Frontend File Manager Plugin","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"23.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:51:23.176919Z","id":"CVE-2026-8095","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-73"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/nmedia-user-file-uploader/tags/23.6/inc/file.class.php#L729","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/nmedia-user-file-uploader/tags/23.6/inc/files.php#L767","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/506006ce-7b1c-4f9d-93f3-abc87abea2bb?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-58054","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-28T02:16:32.550","lastModified":"2026-06-29T19:22:57.460","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when creating or editing users; the user module offers the Administrators group (gid 4) and its datahandler's verify_usergroup() unconditionally returns true. An admin holding only the delegated user-management permission can assign the Administrators group to an account and escalate to the full Administrator permission set."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"MyBB","product":"MyBB","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"1.8.40","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:03:18.669621Z","id":"CVE-2026-58054","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://github.com/bikini/exploitarium/tree/main/mybb-limited-acp-to-admin","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/mybb-privilege-escalation-from-limited-acp-user-management-to-administrator","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-58056","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-28T02:16:32.860","lastModified":"2026-06-29T19:15:23.213","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer session does not clear those flags. A peer holding only a valid FileTransfer authorization can inject keyboard and mouse input and reach the unguarded screenshot and display-capture handlers, acting outside its granted scope."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"RustDesk","product":"RustDesk","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"ff226f6d8013dee2de5a6553abaf67bf32b3e875","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:29:19.790048Z","id":"CVE-2026-58056","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/bikini/exploitarium/tree/main/rustdesk-session-permission-pocs","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/rustdesk-filetransfer-session-authorization-scope-bypass","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-13482","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T05:16:21.200","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results in use of weak hash. The attack may be performed from remote. This attack is characterized by high complexity. The exploitability is considered difficult. The exploit is now public and may be used. The vendor was contacted early about this disclosure."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"skypilot-org","product":"skypilot","cpes":["cpe:2.3:a:skypilot-org:skypilot:*:*:*:*:*:*:*:*"],"modules":["User ID Handler"],"versions":[{"version":"0.1","status":"affected"},{"version":"0.2","status":"affected"},{"version":"0.3","status":"affected"},{"version":"0.4","status":"affected"},{"version":"0.5","status":"affected"},{"version":"0.6","status":"affected"},{"version":"0.7","status":"affected"},{"version":"0.8","status":"affected"},{"version":"0.9","status":"affected"},{"version":"0.10","status":"affected"},{"version":"0.11","status":"affected"},{"version":"0.12.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.9,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:N/I:P/A:N","baseScore":2.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":4.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:49:17.325530Z","id":"CVE-2026-13482","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-327"},{"lang":"en","value":"CWE-328"}]}],"references":[{"url":"https://github.com/skypilot-org/skypilot/","source":"cna@vuldb.com"},{"url":"https://github.com/skypilot-org/skypilot/issues/9194","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13482","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/789927","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374479","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374479/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13483","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T07:16:21.417","lastModified":"2026-06-29T18:43:23.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is described as difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"arc53","product":"DocsGPT","cpes":["cpe:2.3:a:arc53:docsgpt:*:*:*:*:*:*:*:*"],"modules":["Credential Storage"],"versions":[{"version":"0.1","status":"affected"},{"version":"0.2","status":"affected"},{"version":"0.3","status":"affected"},{"version":"0.4","status":"affected"},{"version":"0.5","status":"affected"},{"version":"0.6","status":"affected"},{"version":"0.7","status":"affected"},{"version":"0.8","status":"affected"},{"version":"0.9","status":"affected"},{"version":"0.10","status":"affected"},{"version":"0.11","status":"affected"},{"version":"0.12","status":"affected"},{"version":"0.13","status":"affected"},{"version":"0.14","status":"affected"},{"version":"0.15","status":"affected"},{"version":"0.16","status":"affected"},{"version":"0.17","status":"affected"},{"version":"0.18.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:N/I:P/A:N","baseScore":2.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:01:31.061832Z","id":"CVE-2026-13483","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"references":[{"url":"https://github.com/arc53/DocsGPT/","source":"cna@vuldb.com"},{"url":"https://github.com/arc53/DocsGPT/issues/2503","source":"cna@vuldb.com"},{"url":"https://github.com/arc53/DocsGPT/pull/2331","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13483","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/837646","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374480","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374480/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13485","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T10:16:26.133","lastModified":"2026-06-29T18:43:23.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /preview.php. Performing a manipulation of the argument course_year_section results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:27:55.576936Z","id":"CVE-2026-13485","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/lffaker/cybersec/issues/6","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13485","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838185","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374482","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374482/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13486","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T10:16:27.150","lastModified":"2026-06-29T18:43:23.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/6.php. This impacts an unknown function of the file /preview6.php. Executing a manipulation of the argument course_year_section can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"},{"version":"6.php","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:30:34.647562Z","id":"CVE-2026-13486","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/lffaker/cybersec/issues/5","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13486","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838188","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374483","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374483/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13487","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T11:16:26.660","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive.php. The manipulation of the argument sy leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:36:43.894976Z","id":"CVE-2026-13487","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/lffaker/cybersec/issues/4","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13487","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838189","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374484","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374484/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13488","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T11:16:27.483","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/7.php. Affected by this vulnerability is an unknown functionality of the file /preview7.php. The manipulation of the argument course_year_section results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"},{"version":"7.php","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:49:53.022170Z","id":"CVE-2026-13488","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/yan-124/yan/issues/4","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13488","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838190","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374485","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374485/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13489","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T12:17:03.170","lastModified":"2026-06-29T18:43:23.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcp_server.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's complexity is rated as high. The exploitation is known to be difficult. The exploit has been made available to the public and could be used for attacks. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"78","product":"xiaozhi-esp32","cpes":["cpe:2.3:a:78:xiaozhi-esp32:*:*:*:*:*:*:*:*"],"modules":["MCP Response Handler"],"versions":[{"version":"2.2.0","status":"affected"},{"version":"2.2.1","status":"affected"},{"version":"2.2.2","status":"affected"},{"version":"2.2.3","status":"affected"},{"version":"2.2.4","status":"affected"},{"version":"2.2.5","status":"affected"},{"version":"2.2.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:N/I:P/A:N","baseScore":2.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:00:53.902441Z","id":"CVE-2026-13489","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-662"}]}],"references":[{"url":"https://github.com/78/xiaozhi-esp32/","source":"cna@vuldb.com"},{"url":"https://github.com/78/xiaozhi-esp32/issues/2020","source":"cna@vuldb.com"},{"url":"https://github.com/78/xiaozhi-esp32/pull/2021","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13489","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838198","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374486","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374486/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13491","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T12:17:03.513","lastModified":"2026-06-29T18:43:23.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqtt_protocol.cc of the component MQTT Goodbye Handler. Performing a manipulation of the argument session_id results in denial of service. The attack is possible to be carried out remotely. The complexity of an attack is rather high. It is stated that the exploitability is difficult. The exploit is now public and may be used. The patch is named e182471f8c5a22434346bd98da34d3b66c8c8b3e. It is recommended to apply a patch to fix this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"78","product":"xiaozhi-esp32","cpes":["cpe:2.3:a:78:xiaozhi-esp32:*:*:*:*:*:*:*:*"],"modules":["MQTT Goodbye Handler"],"versions":[{"version":"2.2.0","status":"affected"},{"version":"2.2.1","status":"affected"},{"version":"2.2.2","status":"affected"},{"version":"2.2.3","status":"affected"},{"version":"2.2.4","status":"affected"},{"version":"2.2.5","status":"affected"},{"version":"2.2.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.9,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:N/I:N/A:P","baseScore":2.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":4.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:28:44.324743Z","id":"CVE-2026-13491","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-404"}]}],"references":[{"url":"https://github.com/78/xiaozhi-esp32/","source":"cna@vuldb.com"},{"url":"https://github.com/78/xiaozhi-esp32/commit/e182471f8c5a22434346bd98da34d3b66c8c8b3e","source":"cna@vuldb.com"},{"url":"https://github.com/78/xiaozhi-esp32/issues/2022","source":"cna@vuldb.com"},{"url":"https://github.com/78/xiaozhi-esp32/pull/2023","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13491","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838439","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374488","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374488/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13493","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T13:16:51.837","lastModified":"2026-06-29T18:43:23.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversation_api.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The attack may be performed from remote. A high complexity level is associated with this attack. The exploitability is assessed as difficult. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"AIDC-AI","product":"ComfyUI-Copilot","cpes":["cpe:2.3:a:aidc-ai:comfyui-copilot:*:*:*:*:*:*:*:*"],"modules":["Workflow Checkpoint Restore Handler"],"versions":[{"version":"2.0.0","status":"affected"},{"version":"2.0.1","status":"affected"},{"version":"2.0.2","status":"affected"},{"version":"2.0.3","status":"affected"},{"version":"2.0.4","status":"affected"},{"version":"2.0.5","status":"affected"},{"version":"2.0.6","status":"affected"},{"version":"2.0.7","status":"affected"},{"version":"2.0.8","status":"affected"},{"version":"2.0.9","status":"affected"},{"version":"2.0.10","status":"affected"},{"version":"2.0.11","status":"affected"},{"version":"2.0.12","status":"affected"},{"version":"2.0.13","status":"affected"},{"version":"2.0.14","status":"affected"},{"version":"2.0.15","status":"affected"},{"version":"2.0.16","status":"affected"},{"version":"2.0.17","status":"affected"},{"version":"2.0.18","status":"affected"},{"version":"2.0.19","status":"affected"},{"version":"2.0.20","status":"affected"},{"version":"2.0.21","status":"affected"},{"version":"2.0.22","status":"affected"},{"version":"2.0.23","status":"affected"},{"version":"2.0.24","status":"affected"},{"version":"2.0.25","status":"affected"},{"version":"2.0.26","status":"affected"},{"version":"2.0.27","status":"affected"},{"version":"2.0.28","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:P/I:N/A:N","baseScore":2.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:34:18.870139Z","id":"CVE-2026-13493","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-99"}]}],"references":[{"url":"https://github.com/AIDC-AI/ComfyUI-Copilot/","source":"cna@vuldb.com"},{"url":"https://github.com/AIDC-AI/ComfyUI-Copilot/issues/149","source":"cna@vuldb.com"},{"url":"https://github.com/AIDC-AI/ComfyUI-Copilot/pull/150","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13493","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838497","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374489","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374489/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13495","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T13:16:52.877","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminprofile.php. The manipulation of the argument loginid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Hospital Management System","cpes":["cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:M/C:P/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"MULTIPLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:16:16.232952Z","id":"CVE-2026-13495","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/ltranquility/vuln_submit/issues/16","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13495","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838499","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374490","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374490/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13496","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T13:16:53.037","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /ajaxmedicine.php. The manipulation of the argument medicineid results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Hospital Management System","cpes":["cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:40:09.452172Z","id":"CVE-2026-13496","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/ltranquility/vuln_submit/issues/18","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13496","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838501","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374491","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374491/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13497","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T13:16:53.197","lastModified":"2026-06-29T18:43:23.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /appointment.php. This manipulation of the argument editid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Hospital Management System","cpes":["cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:00:23.494093Z","id":"CVE-2026-13497","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/ltranquility/vuln_submit/issues/19","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13497","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838502","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374492","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374492/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13499","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T14:16:28.180","lastModified":"2026-06-29T18:43:23.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file login_register.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"yashpokharna2555","product":"restaurent-management-system","cpes":["cpe:2.3:a:yashpokharna2555:restaurent-management-system:*:*:*:*:*:*:*:*"],"modules":["Registration Handler"],"versions":[{"version":"5f3eca87cb681366866a78038af17891c4c86612","status":"affected"},{"version":"6d1cc94c9007e2373d30d9c940824a5d2f50d9b6","status":"affected"},{"version":"b7124069da225d5be3f430eb4d8e23d294f7a14f","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:31:21.146960Z","id":"CVE-2026-13499","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/yashpokharna2555/restaurent-management-system/","source":"cna@vuldb.com"},{"url":"https://github.com/yashpokharna2555/restaurent-management-system/issues/4","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13499","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838560","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374494","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374494/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13500","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T15:16:51.973","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"antlr","product":"ANTLR4","cpes":["cpe:2.3:a:antlr:antlr4:*:*:*:*:*:*:*:*"],"modules":["Grammar Action Block Handler"],"versions":[{"version":"4.13.0","status":"affected"},{"version":"4.13.1","status":"affected"},{"version":"4.13.2","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:36:50.191025Z","id":"CVE-2026-13500","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/wooyun123/wooyun/issues/4","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13500","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838568","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374495","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374495/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13501","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T15:16:52.967","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"antlr","product":"ANTLR4","cpes":["cpe:2.3:a:antlr:antlr4:*:*:*:*:*:*:*:*"],"modules":["gofmt"],"versions":[{"version":"4.13.0","status":"affected"},{"version":"4.13.1","status":"affected"},{"version":"4.13.2","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:P/I:P/A:P","baseScore":4.3,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.1,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:16:13.815767Z","id":"CVE-2026-13501","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-77"}]}],"references":[{"url":"https://github.com/wooyun123/wooyun/issues/6","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13501","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838569","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374496","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374496/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13502","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T15:16:53.150","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is restricted to local execution. A high degree of complexity is needed for the attack. It is indicated that the exploitability is difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"antlr","product":"ANTLR4","cpes":["cpe:2.3:a:antlr:antlr4:*:*:*:*:*:*:*:*"],"modules":["Maven Plugin"],"versions":[{"version":"4.13.0","status":"affected"},{"version":"4.13.1","status":"affected"},{"version":"4.13.2","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.1,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.0,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:H/Au:S/C:P/I:P/A:P","baseScore":3.5,"accessVector":"LOCAL","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":1.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:44:36.339186Z","id":"CVE-2026-13502","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"},{"lang":"en","value":"CWE-367"}]}],"references":[{"url":"https://github.com/wooyun123/wooyun/issues/7","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13502","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838685","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374498","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374498/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13503","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T16:16:32.123","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"antlr","product":"ANTLR4","cpes":["cpe:2.3:a:antlr:antlr4:*:*:*:*:*:*:*:*"],"modules":["tokenVocab Grammar Option Handler"],"versions":[{"version":"4.13.0","status":"affected"},{"version":"4.13.1","status":"affected"},{"version":"4.13.2","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:11:13.336960Z","id":"CVE-2026-13503","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/wooyun123/wooyun/issues/8","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13503","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838686","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374497","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374497/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13507","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T22:16:47.293","lastModified":"2026-06-29T18:41:05.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function str_to_uint64 of the file openviking/storage/vectordb/utils/str_to_uint64.py of the component Local VectorDB Primary-key Label Handler. The manipulation of the argument ID results in insufficient verification of data authenticity. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitability is reported as difficult. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"volcengine","product":"OpenViking","cpes":["cpe:2.3:a:volcengine:openviking:*:*:*:*:*:*:*:*"],"modules":["Local VectorDB Primary-key Label Handler"],"versions":[{"version":"0.3.0","status":"affected"},{"version":"0.3.1","status":"affected"},{"version":"0.3.2","status":"affected"},{"version":"0.3.3","status":"affected"},{"version":"0.3.4","status":"affected"},{"version":"0.3.5","status":"affected"},{"version":"0.3.6","status":"affected"},{"version":"0.3.7","status":"affected"},{"version":"0.3.8","status":"affected"},{"version":"0.3.9","status":"affected"},{"version":"0.3.10","status":"affected"},{"version":"0.3.11","status":"affected"},{"version":"0.3.12","status":"affected"},{"version":"0.3.13","status":"affected"},{"version":"0.3.14","status":"affected"},{"version":"0.3.15","status":"affected"},{"version":"0.3.16","status":"affected"},{"version":"0.3.17","status":"affected"},{"version":"0.3.18","status":"affected"},{"version":"0.3.19","status":"affected"},{"version":"0.3.20","status":"affected"},{"version":"0.3.21","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:P/I:P/A:P","baseScore":4.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T11:13:13.978342Z","id":"CVE-2026-13507","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"references":[{"url":"https://github.com/volcengine/OpenViking/","source":"cna@vuldb.com"},{"url":"https://github.com/volcengine/OpenViking/issues/2263","source":"cna@vuldb.com"},{"url":"https://github.com/volcengine/OpenViking/pull/2268","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13507","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838791","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374515","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374515/cti","source":"cna@vuldb.com"},{"url":"https://github.com/volcengine/OpenViking/issues/2263","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-13508","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T22:16:48.303","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impacts an unknown function of the file src/khoj/routers/api_chat.py of the component Conversation Sharing Handler. This manipulation of the argument conversation.agent causes incorrect authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"khoj-ai","product":"khoj","cpes":["cpe:2.3:a:khoj-ai:khoj:*:*:*:*:*:*:*:*"],"modules":["Conversation Sharing Handler"],"versions":[{"version":"2.0.0-beta.0","status":"affected"},{"version":"2.0.0-beta.1","status":"affected"},{"version":"2.0.0-beta.2","status":"affected"},{"version":"2.0.0-beta.3","status":"affected"},{"version":"2.0.0-beta.4","status":"affected"},{"version":"2.0.0-beta.5","status":"affected"},{"version":"2.0.0-beta.6","status":"affected"},{"version":"2.0.0-beta.7","status":"affected"},{"version":"2.0.0-beta.8","status":"affected"},{"version":"2.0.0-beta.9","status":"affected"},{"version":"2.0.0-beta.10","status":"affected"},{"version":"2.0.0-beta.11","status":"affected"},{"version":"2.0.0-beta.12","status":"affected"},{"version":"2.0.0-beta.13","status":"affected"},{"version":"2.0.0-beta.14","status":"affected"},{"version":"2.0.0-beta.15","status":"affected"},{"version":"2.0.0-beta.16","status":"affected"},{"version":"2.0.0-beta.17","status":"affected"},{"version":"2.0.0-beta.18","status":"affected"},{"version":"2.0.0-beta.19","status":"affected"},{"version":"2.0.0-beta.20","status":"affected"},{"version":"2.0.0-beta.21","status":"affected"},{"version":"2.0.0-beta.22","status":"affected"},{"version":"2.0.0-beta.23","status":"affected"},{"version":"2.0.0-beta.24","status":"affected"},{"version":"2.0.0-beta.25","status":"affected"},{"version":"2.0.0-beta.26","status":"affected"},{"version":"2.0.0-beta.27","status":"affected"},{"version":"2.0.0-beta.28","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.1,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:39:09.379215Z","id":"CVE-2026-13508","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/khoj-ai/khoj/","source":"cna@vuldb.com"},{"url":"https://github.com/khoj-ai/khoj/issues/1327","source":"cna@vuldb.com"},{"url":"https://github.com/khoj-ai/khoj/pull/1328","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13508","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838812","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374516","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374516/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13509","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T22:16:48.480","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been found in RAGapp up to 0.1.5. Affected is the function FileHandler.upload_file/FileHandler.remove_file of the file src/ragapp/backend/controllers/files.py of the component Knowledge File Handler. Such manipulation leads to path traversal. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"n/a","product":"RAGapp","cpes":["cpe:2.3:a:ragapp:ragapp:*:*:*:*:*:*:*:*"],"modules":["Knowledge File Handler"],"versions":[{"version":"0.1.0","status":"affected"},{"version":"0.1.1","status":"affected"},{"version":"0.1.2","status":"affected"},{"version":"0.1.3","status":"affected"},{"version":"0.1.4","status":"affected"},{"version":"0.1.5","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:16:11.344471Z","id":"CVE-2026-13509","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/ragapp/ragapp/","source":"cna@vuldb.com"},{"url":"https://github.com/ragapp/ragapp/issues/293","source":"cna@vuldb.com"},{"url":"https://github.com/ragapp/ragapp/pull/294","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13509","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838838","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374517","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374517/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13510","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T23:16:47.263","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security/deployment.ts of the component Password Protection Handler. Performing a manipulation results in use of weak hash. The attack is possible to be carried out remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit has been made public and could be used. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SimStudioAI","product":"sim","cpes":["cpe:2.3:a:sim:sim:*:*:*:*:*:*:*:*"],"modules":["Password Protection Handler"],"versions":[{"version":"0.6.0","status":"affected"},{"version":"0.6.1","status":"affected"},{"version":"0.6.2","status":"affected"},{"version":"0.6.3","status":"affected"},{"version":"0.6.4","status":"affected"},{"version":"0.6.5","status":"affected"},{"version":"0.6.6","status":"affected"},{"version":"0.6.7","status":"affected"},{"version":"0.6.8","status":"affected"},{"version":"0.6.9","status":"affected"},{"version":"0.6.10","status":"affected"},{"version":"0.6.11","status":"affected"},{"version":"0.6.12","status":"affected"},{"version":"0.6.13","status":"affected"},{"version":"0.6.14","status":"affected"},{"version":"0.6.15","status":"affected"},{"version":"0.6.16","status":"affected"},{"version":"0.6.17","status":"affected"},{"version":"0.6.18","status":"affected"},{"version":"0.6.19","status":"affected"},{"version":"0.6.20","status":"affected"},{"version":"0.6.21","status":"affected"},{"version":"0.6.22","status":"affected"},{"version":"0.6.23","status":"affected"},{"version":"0.6.24","status":"affected"},{"version":"0.6.25","status":"affected"},{"version":"0.6.26","status":"affected"},{"version":"0.6.27","status":"affected"},{"version":"0.6.28","status":"affected"},{"version":"0.6.29","status":"affected"},{"version":"0.6.30","status":"affected"},{"version":"0.6.31","status":"affected"},{"version":"0.6.32","status":"affected"},{"version":"0.6.33","status":"affected"},{"version":"0.6.34","status":"affected"},{"version":"0.6.35","status":"affected"},{"version":"0.6.36","status":"affected"},{"version":"0.6.37","status":"affected"},{"version":"0.6.38","status":"affected"},{"version":"0.6.39","status":"affected"},{"version":"0.6.40","status":"affected"},{"version":"0.6.41","status":"affected"},{"version":"0.6.42","status":"affected"},{"version":"0.6.43","status":"affected"},{"version":"0.6.44","status":"affected"},{"version":"0.6.45","status":"affected"},{"version":"0.6.46","status":"affected"},{"version":"0.6.47","status":"affected"},{"version":"0.6.48","status":"affected"},{"version":"0.6.49","status":"affected"},{"version":"0.6.50","status":"affected"},{"version":"0.6.51","status":"affected"},{"version":"0.6.52","status":"affected"},{"version":"0.6.53","status":"affected"},{"version":"0.6.54","status":"affected"},{"version":"0.6.55","status":"affected"},{"version":"0.6.56","status":"affected"},{"version":"0.6.57","status":"affected"},{"version":"0.6.58","status":"affected"},{"version":"0.6.59","status":"affected"},{"version":"0.6.60","status":"affected"},{"version":"0.6.61","status":"affected"},{"version":"0.6.62","status":"affected"},{"version":"0.6.63","status":"affected"},{"version":"0.6.64","status":"affected"},{"version":"0.6.65","status":"affected"},{"version":"0.6.66","status":"affected"},{"version":"0.6.67","status":"affected"},{"version":"0.6.68","status":"affected"},{"version":"0.6.69","status":"affected"},{"version":"0.6.70","status":"affected"},{"version":"0.6.71","status":"affected"},{"version":"0.6.72","status":"affected"},{"version":"0.6.73","status":"affected"},{"version":"0.6.74","status":"affected"},{"version":"0.6.75","status":"affected"},{"version":"0.6.76","status":"affected"},{"version":"0.6.77","status":"affected"},{"version":"0.6.78","status":"affected"},{"version":"0.6.79","status":"affected"},{"version":"0.6.80","status":"affected"},{"version":"0.6.81","status":"affected"},{"version":"0.6.82","status":"affected"},{"version":"0.6.83","status":"affected"},{"version":"0.6.84","status":"affected"},{"version":"0.6.85","status":"affected"},{"version":"0.6.86","status":"affected"},{"version":"0.6.87","status":"affected"},{"version":"0.6.88","status":"affected"},{"version":"0.6.89","status":"affected"},{"version":"0.6.90","status":"affected"},{"version":"0.6.91","status":"affected"},{"version":"0.6.92","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.9,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:N/A:N","baseScore":2.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":4.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:43:36.108785Z","id":"CVE-2026-13510","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-327"},{"lang":"en","value":"CWE-328"}]}],"references":[{"url":"https://github.com/simstudioai/sim/","source":"cna@vuldb.com"},{"url":"https://github.com/simstudioai/sim/issues/4759","source":"cna@vuldb.com"},{"url":"https://github.com/simstudioai/sim/pull/4760","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13510","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838842","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374518","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374518/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13511","sourceIdentifier":"cna@vuldb.com","published":"2026-06-28T23:16:48.293","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to improper authorization. The attack may be performed from remote. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"n/a","product":"VoltAgent","cpes":["cpe:2.3:a:voltagent:voltagent:*:*:*:*:*:*:*:*"],"modules":["Memory REST API"],"versions":[{"version":"2.1.0","status":"affected"},{"version":"2.1.1","status":"affected"},{"version":"2.1.2","status":"affected"},{"version":"2.1.3","status":"affected"},{"version":"2.1.4","status":"affected"},{"version":"2.1.5","status":"affected"},{"version":"2.1.6","status":"affected"},{"version":"2.1.7","status":"affected"},{"version":"2.1.8","status":"affected"},{"version":"2.1.9","status":"affected"},{"version":"2.1.10","status":"affected"},{"version":"2.1.11","status":"affected"},{"version":"2.1.12","status":"affected"},{"version":"2.1.13","status":"affected"},{"version":"2.1.14","status":"affected"},{"version":"2.1.15","status":"affected"},{"version":"2.1.16","status":"affected"},{"version":"2.1.17","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:P/I:N/A:N","baseScore":2.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:59:51.199975Z","id":"CVE-2026-13511","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"},{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://github.com/VoltAgent/voltagent/","source":"cna@vuldb.com"},{"url":"https://github.com/VoltAgent/voltagent/issues/1315","source":"cna@vuldb.com"},{"url":"https://github.com/VoltAgent/voltagent/pull/1317","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13511","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838873","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374519","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374519/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13513","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T00:16:47.110","lastModified":"2026-06-29T18:41:05.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0. This vulnerability affects the function SegmentId::getCacheKey in the library src/VectorIndex/Common/SegmentId.h. The manipulation results in insufficient verification of data authenticity. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"MyScale","product":"MyScaleDB","cpes":["cpe:2.3:a:myscale:myscaledb:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"},{"version":"1.1","status":"affected"},{"version":"1.2","status":"affected"},{"version":"1.3","status":"affected"},{"version":"1.4","status":"affected"},{"version":"1.5","status":"affected"},{"version":"1.6","status":"affected"},{"version":"1.7","status":"affected"},{"version":"1.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:P/I:P/A:P","baseScore":4.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T11:11:44.274782Z","id":"CVE-2026-13513","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"references":[{"url":"https://github.com/myscale/MyScaleDB/","source":"cna@vuldb.com"},{"url":"https://github.com/myscale/MyScaleDB/issues/54","source":"cna@vuldb.com"},{"url":"https://github.com/myscale/MyScaleDB/pull/55","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13513","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838878","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374521","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374521/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13514","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T00:16:47.280","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform the attack on the physical device. The exploit has been made available to the public and could be used for attacks. Upgrading the affected component is advised. The vendor was informed early about this issue. They confirmed the existence and that they will address it. Furthermore, they explain that their bug bounty \"explicitly excludes physical-access attacks\". However, they appreciate the quality of the report and aim at making a goodwill payment to the researcher."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Chess","product":"Play and Learn App","cpes":["cpe:2.3:a:chess:play_and_learn_app:*:*:*:*:*:*:*:*"],"modules":["com.chess"],"versions":[{"version":"4.9.0","status":"affected"},{"version":"4.9.1","status":"affected"},{"version":"4.9.2","status":"affected"},{"version":"4.9.3","status":"affected"},{"version":"4.9.4","status":"affected"},{"version":"4.9.5","status":"affected"},{"version":"4.9.6","status":"affected"},{"version":"4.9.7","status":"affected"},{"version":"4.9.8","status":"affected"},{"version":"4.9.9","status":"affected"},{"version":"4.9.10","status":"affected"},{"version":"4.9.11","status":"affected"},{"version":"4.9.12","status":"affected"},{"version":"4.9.13","status":"affected"},{"version":"4.9.14","status":"affected"},{"version":"4.9.15","status":"affected"},{"version":"4.9.16","status":"affected"},{"version":"4.9.17","status":"affected"},{"version":"4.9.18","status":"affected"},{"version":"4.9.19","status":"affected"},{"version":"4.9.20","status":"affected"},{"version":"4.9.21","status":"affected"},{"version":"4.9.22","status":"affected"},{"version":"4.9.23","status":"affected"},{"version":"4.9.24","status":"affected"},{"version":"4.9.25","status":"affected"},{"version":"4.9.26","status":"affected"},{"version":"4.9.27","status":"affected"},{"version":"4.9.28","status":"affected"},{"version":"4.9.29","status":"affected"},{"version":"4.9.30","status":"affected"},{"version":"4.9.31","status":"affected"},{"version":"4.9.32","status":"affected"},{"version":"4.9.33","status":"affected"},{"version":"4.9.34","status":"affected"},{"version":"4.9.35","status":"affected"},{"version":"4.9.36","status":"affected"},{"version":"4.9.37","status":"affected"},{"version":"4.9.38","status":"affected"},{"version":"4.9.39","status":"affected"},{"version":"4.9.40","status":"affected"},{"version":"4.9.41","status":"affected"},{"version":"4.9.42","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.9,"baseSeverity":"LOW","attackVector":"PHYSICAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":2.4,"baseSeverity":"LOW","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:40:29.246622Z","id":"CVE-2026-13514","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"},{"lang":"en","value":"CWE-530"}]}],"references":[{"url":"https://github.com/honestcorrupt/CHESS.COM-CVE-REQUEST","source":"cna@vuldb.com"},{"url":"https://play.google.com/store/apps/details?id=com.chess","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13514","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838880","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374522","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374522/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13515","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T00:16:47.463","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in Tenda JD12L 16.03.53.23. Impacted is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. Such manipulation of the argument startIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Tenda","product":"JD12L","cpes":["cpe:2.3:h:tenda:jd12l:*:*:*:*:*:*:*:*"],"versions":[{"version":"16.03.53.23","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:13:43.647249Z","id":"CVE-2026-13515","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://github.com/cve-a/Vampirensa/issues/1","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13515","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838885","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374523","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374523/cti","source":"cna@vuldb.com"},{"url":"https://www.tenda.com.cn/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13516","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T00:16:47.633","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Tenda","product":"JD12L","cpes":["cpe:2.3:h:tenda:jd12l:*:*:*:*:*:*:*:*"],"versions":[{"version":"16.03.53.23","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:42:35.752015Z","id":"CVE-2026-13516","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://github.com/cve-a/Vampirensa/issues/2","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13516","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838887","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374524","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374524/cti","source":"cna@vuldb.com"},{"url":"https://www.tenda.com.cn/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13517","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T01:16:30.517","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in Tenda JD12L 16.03.53.23. The impacted element is the function formWifiBasicSet of the file /goform/WifiBasicSet. Executing a manipulation of the argument security_5g can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Tenda","product":"JD12L","cpes":["cpe:2.3:h:tenda:jd12l:*:*:*:*:*:*:*:*"],"versions":[{"version":"16.03.53.23","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:59:20.715082Z","id":"CVE-2026-13517","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://github.com/cve-a/Vampirensa/issues/3","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13517","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838888","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374525","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374525/cti","source":"cna@vuldb.com"},{"url":"https://www.tenda.com.cn/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13519","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T02:16:25.063","lastModified":"2026-06-29T18:41:05.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in Tenda JD12L 16.03.53.23. This impacts the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Tenda","product":"JD12L","cpes":["cpe:2.3:h:tenda:jd12l:*:*:*:*:*:*:*:*"],"versions":[{"version":"16.03.53.23","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T11:10:05.538829Z","id":"CVE-2026-13519","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://github.com/cve-a/Yuanji-Wanshu/issues/1","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13519","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838993","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374527","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374527/cti","source":"cna@vuldb.com"},{"url":"https://www.tenda.com.cn/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13520","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T02:16:25.230","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /appointmentapproval.php of the component Appointment Handler. This manipulation of the argument editid causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Hospital Management System","cpes":["cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*"],"modules":["Appointment Handler"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:41:25.410265Z","id":"CVE-2026-13520","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/ltranquility/cve_submit/issues/20","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13520","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/838994","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374528","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374528/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13521","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T02:16:25.390","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php. Affected by this vulnerability is an unknown functionality of the file /preview5.php. Such manipulation of the argument course_year_section leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"},{"version":"5.php","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:36:41.297938Z","id":"CVE-2026-13521","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/xiaoxuxu233/myCVE/issues/2","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13521","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/839572","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374529","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374529/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13522","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T02:16:25.557","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe of the component PDF File Handler. Performing a manipulation results in out-of-bounds read. It is possible to initiate the attack remotely. This vulnerability only affects products that are no longer supported by the maintainer."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Investintech","product":"SlimPDFReader","cpes":["cpe:2.3:a:investintech:slimpdfreader:*:*:*:*:*:*:*:*"],"modules":["PDF File Handler"],"versions":[{"version":"2.0.0","status":"affected"},{"version":"2.0.1","status":"affected"},{"version":"2.0.2","status":"affected"},{"version":"2.0.3","status":"affected"},{"version":"2.0.4","status":"affected"},{"version":"2.0.5","status":"affected"},{"version":"2.0.6","status":"affected"},{"version":"2.0.7","status":"affected"},{"version":"2.0.8","status":"affected"},{"version":"2.0.9","status":"affected"},{"version":"2.0.10","status":"affected"},{"version":"2.0.11","status":"affected"},{"version":"2.0.12","status":"affected"},{"version":"2.0.13","status":"affected"},{"version":"2.0.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:41:33.467112Z","id":"CVE-2026-13522","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://vuldb.com/cve/CVE-2026-13522","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/839637","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374530","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374530/cti","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/839637","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-13523","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T03:16:45.283","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/base_encoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 297f2d8d1f493d8b241330533cd47f7da758aeb3. A patch should be applied to remediate this issue. The vendor confirms: \"We added a check on inflate output size, if it surpasses 32 times the input size we stop in error. This value could be adjusted later.\""}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"n/a","product":"GPAC","cpes":["cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*"],"modules":["ISOBMFF Parser"],"versions":[{"version":"26.02","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:58:45.988130Z","id":"CVE-2026-13523","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-404"},{"lang":"en","value":"CWE-409"}]}],"references":[{"url":"https://github.com/gpac/gpac/","source":"cna@vuldb.com"},{"url":"https://github.com/gpac/gpac/commit/297f2d8d1f493d8b241330533cd47f7da758aeb3","source":"cna@vuldb.com"},{"url":"https://github.com/gpac/gpac/issues/3588","source":"cna@vuldb.com"},{"url":"https://github.com/gpac/gpac/pull/3589","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13523","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/840159","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374531","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374531/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13525","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T03:16:45.643","lastModified":"2026-06-29T18:41:05.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employee_model.php of the component Update_Earn_Leave Endpoint. The manipulation of the argument emid results in sql injection. The attack can be launched remotely. The exploit is now public and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"CodeAstro","product":"Human Resource Management System","cpes":["cpe:2.3:a:codeastro:human_resource_management_system:*:*:*:*:*:*:*:*"],"modules":["Update_Earn_Leave Endpoint"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T11:09:15.655957Z","id":"CVE-2026-13525","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://codeastro.com/","source":"cna@vuldb.com"},{"url":"https://github.com/ashikmd0507/CVE/tree/main/Time-Based%20Blind%20SQL%20Injection%20in%20Update_Earn_Leave%20via%20emid%20Parameter","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13525","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/840506","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374533","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374533/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13526","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T03:16:45.810","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_class.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:42:35.711258Z","id":"CVE-2026-13526","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/yuanyuandechen/vul/issues/2","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13526","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/840550","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374534","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374534/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13527","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T04:16:27.550","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0. The affected element is an unknown function of the file /preview4.php. Such manipulation of the argument course_year_section leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:36:38.775071Z","id":"CVE-2026-13527","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/yuanyuandechen/vul/issues/1","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13527","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/840551","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374535","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374535/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13528","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T04:16:29.317","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in YunaiV/zhijiantianya ruoyi-vue-pro up to 2026.04-jdk8-SNAPSHOT. The impacted element is the function generateUploadPath of the file yudao-module-infra/src/main/java/cn/iocoder/yudao/module/infra/service/file/FileServiceImpl.java of the component AppFileController File Upload Endpoint. Performing a manipulation results in path traversal. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The patch is named 4ae3f6b2c9883978837638c14e3d18419819eeb0. It is recommended to apply a patch to fix this issue. This product is published by multiple vendors."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"YunaiV","product":"ruoyi-vue-pro","cpes":["cpe:2.3:a:yunaiv:ruoyi-vue-pro:*:*:*:*:*:*:*:*"],"modules":["AppFileController File Upload Endpoint"],"versions":[{"version":"2026.04-jdk8-SNAPSHOT","status":"affected"}]},{"vendor":"zhijiantianya","product":"ruoyi-vue-pro","cpes":["cpe:2.3:a:zhijiantianya:ruoyi-vue-pro:*:*:*:*:*:*:*:*"],"modules":["AppFileController File Upload Endpoint"],"versions":[{"version":"2026.04-jdk8-SNAPSHOT","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:32:59.513604Z","id":"CVE-2026-13528","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://gitee.com/zhijiantianya/ruoyi-vue-pro/commit/4ae3f6b2c9883978837638c14e3d18419819eeb0","source":"cna@vuldb.com"},{"url":"https://github.com/YunaiV/ruoyi-vue-pro/","source":"cna@vuldb.com"},{"url":"https://github.com/YunaiV/ruoyi-vue-pro/issues/1146","source":"cna@vuldb.com"},{"url":"https://github.com/YunaiV/ruoyi-vue-pro/issues/1146#issuecomment-4583281212","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13528","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/840617","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374536","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374536/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13529","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T04:16:29.497","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in YzmCMS up to 7.5. This affects an unknown function of the file /application/install/index.php. Executing a manipulation of the argument siteurl can lead to sql injection. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is reported as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"n/a","product":"YzmCMS","cpes":["cpe:2.3:a:yzmcms:yzmcms:*:*:*:*:*:*:*:*"],"versions":[{"version":"7.0","status":"affected"},{"version":"7.1","status":"affected"},{"version":"7.2","status":"affected"},{"version":"7.3","status":"affected"},{"version":"7.4","status":"affected"},{"version":"7.5","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.9,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","baseScore":5.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":4.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:58:03.187857Z","id":"CVE-2026-13529","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/drose025/security/blob/main/1.md","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13529","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/840800","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374537","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374537/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13531","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T04:16:29.870","lastModified":"2026-06-29T18:41:05.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /department.php. The manipulation of the argument editid results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Hospital Management System","cpes":["cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T11:08:17.647689Z","id":"CVE-2026-13531","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/Fomovet/cve/issues/2","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13531","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/841275","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374539","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374539/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13532","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T06:16:24.943","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /departmentDoctor.php. This manipulation of the argument deptid causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Hospital Management System","cpes":["cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:43:40.979283Z","id":"CVE-2026-13532","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/Fomovet/cve/issues/3","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13532","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/841276","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374540","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374540/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13533","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T06:16:27.227","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Configuration settings should be changed. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"agentejo","product":"Cockpit CMS","cpes":["cpe:2.3:a:agentejo:cockpit_cms:*:*:*:*:*:*:*:*"],"modules":["htaccess Handler"],"versions":[{"version":"0.12.0","status":"affected"},{"version":"0.12.1","status":"affected"},{"version":"0.12.2","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:36:36.412082Z","id":"CVE-2026-13533","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-425"},{"lang":"en","value":"CWE-552"}]}],"references":[{"url":"https://gist.github.com/nov-1337/3eb0a06c602ced9c3b11b675b53947da","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13533","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/841343","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374541","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374541/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13534","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T06:16:27.647","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Performing a manipulation of the argument state results in authorization bypass. The attack can be initiated remotely. The attack's complexity is rated as high. It is indicated that the exploitability is difficult. The exploit is now public and may be used. The vendor explains, that \"[m]emory is planned to be removed in v2 version.\""}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"CherryHQ","product":"cherry-studio","cpes":["cpe:2.3:a:cherryhq:cherry-studio:*:*:*:*:*:*:*:*"],"modules":["CherryIN Preload API"],"versions":[{"version":"1.9.0","status":"affected"},{"version":"1.9.1","status":"affected"},{"version":"1.9.2","status":"affected"},{"version":"1.9.3","status":"affected"},{"version":"1.9.4","status":"affected"},{"version":"1.9.5","status":"affected"},{"version":"1.9.6","status":"affected"},{"version":"1.9.7","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:P/I:P/A:P","baseScore":4.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:37:19.539055Z","id":"CVE-2026-13534","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"},{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/CherryHQ/cherry-studio/","source":"cna@vuldb.com"},{"url":"https://github.com/CherryHQ/cherry-studio/issues/15411","source":"cna@vuldb.com"},{"url":"https://github.com/CherryHQ/cherry-studio/pull/15413","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13534","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/841998","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374542","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374542/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13535","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T06:16:28.007","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function GetFileInfo of the file hrsystem/application/models/Employee_model.php of the component View Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"CodeAstro","product":"Human Resource Management System","cpes":["cpe:2.3:a:codeastro:human_resource_management_system:*:*:*:*:*:*:*:*"],"modules":["View Endpoint"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:57:30.276601Z","id":"CVE-2026-13535","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://codeastro.com/","source":"cna@vuldb.com"},{"url":"https://github.com/ashikmd0507/CVE/tree/main/SQL%20Injection%20via%20GetFileInfo%20Function","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13535","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/842053","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374543","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374543/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13537","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T06:16:28.793","lastModified":"2026-06-29T18:41:05.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely. The exploit has been made public and could be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"CodeAstro","product":"Human Resource Management System","cpes":["cpe:2.3:a:codeastro:human_resource_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T10:58:56.393101Z","id":"CVE-2026-13537","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"},{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://codeastro.com/","source":"cna@vuldb.com"},{"url":"https://github.com/ashikmd0507/CVE/tree/main/CSRF%20in%20Department%20Deletion%20Endpoint","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13537","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/842084","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374545","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374545/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13538","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T06:16:29.040","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in Wavlink WL-NU516U1-A M16U1_V240425. The affected element is the function sub_401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Wavlink","product":"WL-NU516U1-A","cpes":["cpe:2.3:a:wavlink:wl-nu516u1-a:*:*:*:*:*:*:*:*"],"modules":["POST Parameter Handler"],"versions":[{"version":"M16U1_V240425","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:47:32.393217Z","id":"CVE-2026-13538","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-77"}]}],"references":[{"url":"https://dl.wavlink.com/firmware/RD/WINSTAR_NU516U1-WO-A-2026-06-22-5ccde97-mt7628-squashfs-sysupgrade.bin","source":"cna@vuldb.com"},{"url":"https://github.com/Svigo-o/Wavlink_vul/tree/main/wavlink-wl-nu516u1-wireless-multissid-ssid2g2-command-injection","source":"cna@vuldb.com"},{"url":"https://github.com/Svigo-o/Wavlink_vul/tree/main/wavlink-wl-nu516u1-wireless-multissid-ssid5g2-command-injection","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13538","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/834019","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/834021","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/834022","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/834023","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374546","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374546/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2025-0824","sourceIdentifier":"hirt@hitachi.co.jp","published":"2026-06-29T07:16:23.423","lastModified":"2026-06-29T18:52:40.497","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Lack of validation for firmware update in Hitachi Hitachi Virtual Storage Platform One Block 23, 24, 26, 28.\n\nThis issue affects Hitachi Virtual Storage Platform One Block 23, 24, 26, 28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00."}],"affected":[{"source":"hirt@hitachi.co.jp","affectedData":[{"vendor":"Hitachi","product":"Hitachi Virtual Storage Platform One Block 23, 24, 26, 28","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"DKCMAIN A3-04-21-40/00, ESM A3-04-21/00","versionType":"custom","status":"affected","changes":[{"at":"DKCMAIN A3-04-21-40/00, ESM A3-04-21/00","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"hirt@hitachi.co.jp","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:38:22.989556Z","id":"CVE-2025-0824","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"hirt@hitachi.co.jp","type":"Secondary","description":[{"lang":"en","value":"CWE-347"}]}],"references":[{"url":"https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_308.html","source":"hirt@hitachi.co.jp"}]}},{"cve":{"id":"CVE-2025-2902","sourceIdentifier":"hirt@hitachi.co.jp","published":"2026-06-29T07:16:23.583","lastModified":"2026-06-29T18:52:40.497","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Authorization Vulnerability of Maintenance Utility in Hitachi Virtual Storage Platform.\n\nThis issue affects Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-07-26-xx/00, GUM Ver. 93-07-26/00; Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, 5200, 5600, 5200H, 5600H: before DKCMAIN Ver. 90-09-27-00/00, GUM Ver. 90-09-27/00; Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900: before DKCMAIN Ver. 88-08-16-xx/00, GUM Ver. 88-08-20/00."}],"affected":[{"source":"hirt@hitachi.co.jp","affectedData":[{"vendor":"Hitachi","product":"Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"DKCMAIN Ver. 93-07-26-xx/00, GUM Ver. 93-07-26/00","versionType":"custom","status":"affected","changes":[{"at":"DKCMAIN Ver. 93-07-26-xx/00, GUM Ver. 93-07-26/00","status":"unaffected"}]}]},{"vendor":"Hitachi","product":"Hitachi Virtual Storage Platform 5100, 5500, 5100H, 5500H, 5200, 5600, 5200H, 5600H","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"DKCMAIN Ver. 90-09-27-00/00, GUM Ver. 90-09-27/00","versionType":"custom","status":"affected","changes":[{"at":"DKCMAIN Ver. 90-09-27-00/00, GUM Ver. 90-09-27/00","status":"unaffected"}]}]},{"vendor":"Hitachi","product":"Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"DKCMAIN Ver. 88-08-16-xx/00, GUM Ver. 88-08-20/00","versionType":"custom","status":"affected","changes":[{"at":"DKCMAIN Ver. 88-08-16-xx/00, GUM Ver. 88-08-20/00","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"hirt@hitachi.co.jp","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:39:47.151090Z","id":"CVE-2025-2902","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"hirt@hitachi.co.jp","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_305.html","source":"hirt@hitachi.co.jp"}]}},{"cve":{"id":"CVE-2025-7386","sourceIdentifier":"hirt@hitachi.co.jp","published":"2026-06-29T07:16:23.707","lastModified":"2026-06-29T18:52:40.497","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Information exposure vulnerability in Hitachi Storage Navigator.\n\nThis issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7: before DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00."}],"affected":[{"source":"hirt@hitachi.co.jp","affectedData":[{"vendor":"Hitachi","product":"Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00","versionType":"custom","status":"affected","changes":[{"at":"DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00","status":"unaffected"}]},{"version":"0","lessThan":"DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00","versionType":"custom","status":"affected","changes":[{"at":"DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00","status":"unaffected"}]}]},{"vendor":"Hitachi","product":"Hitachi Virtual Storage Platform G1000, G1500, F1500, VX7","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00","versionType":"custom","status":"affected","changes":[{"at":"DKCMAIN Ver. 80-06-96-00/00, SVP Ver. 80-06-91/00","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"hirt@hitachi.co.jp","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:35:44.062299Z","id":"CVE-2025-7386","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"hirt@hitachi.co.jp","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"references":[{"url":"https://www.hitachi.com/products/it/storage-solutions/sec_info/2026/2026_301.html","source":"hirt@hitachi.co.jp"}]}},{"cve":{"id":"CVE-2026-10083","sourceIdentifier":"contact@wpscan.com","published":"2026-06-29T07:16:23.823","lastModified":"2026-06-29T19:15:23.213","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The APCu Manager WordPress plugin before 4.5.0 does not escape APCu object-cache keys before rendering them in an admin-area page, leading to a Stored Cross-Site Scripting vulnerability. When a persistent object cache is enabled, cache keys derived from unsanitised user input (e.g. a transient name created by another APCu Manager WordPress plugin before 4.5.0 from an unauthenticated request) are output without escaping and execute arbitrary JavaScript in the session of an administrator viewing the page."}],"affected":[{"source":"contact@wpscan.com","affectedData":[{"vendor":"Unknown","product":"APCu Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"4.5.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:44:33.784952Z","id":"CVE-2026-10083","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://wpscan.com/vulnerability/e591b3f3-6e21-44f7-b374-4753689532fe/","source":"contact@wpscan.com"}]}},{"cve":{"id":"CVE-2026-13539","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T07:16:24.183","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425. The impacted element is the function sub_407504 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. Such manipulation of the argument Guest_ssid leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. It is suggested to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Wavlink","product":"WL-NU516U1-A","cpes":["cpe:2.3:a:wavlink:wl-nu516u1-a:*:*:*:*:*:*:*:*"],"modules":["POST Parameter Handler"],"versions":[{"version":"M16U1_V240425","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:13:41.239265Z","id":"CVE-2026-13539","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://dl.wavlink.com/firmware/RD/WINSTAR_NU516U1-WO-A-2026-06-22-5ccde97-mt7628-squashfs-sysupgrade.bin","source":"cna@vuldb.com"},{"url":"https://github.com/Svigo-o/Wavlink_vul/tree/main/wavlink-wl-nu516u1-wireless-guestwifi-guestssid-buffer-overflow","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13539","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/834024","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374547","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374547/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13540","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T07:16:24.340","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in GitBucket up to 4.46.1. This affects the function Git.cloneRepository.setURI of the file src/main/scala/gitbucket/core/service/RepositoryCreationService.scala. Performing a manipulation of the argument url results in server-side request forgery. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The patch is named 487a9b980f56aa73b6a044b1e86a92eed5043215. To fix this issue, it is recommended to deploy a patch."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"n/a","product":"GitBucket","cpes":["cpe:2.3:a:gitbucket:gitbucket:*:*:*:*:*:*:*:*"],"versions":[{"version":"4.46.0","status":"affected"},{"version":"4.46.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:36:04.735083Z","id":"CVE-2026-13540","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://github.com/gitbucket/gitbucket/","source":"cna@vuldb.com"},{"url":"https://github.com/gitbucket/gitbucket/commit/487a9b980f56aa73b6a044b1e86a92eed5043215","source":"cna@vuldb.com"},{"url":"https://github.com/gitbucket/gitbucket/issues/4044","source":"cna@vuldb.com"},{"url":"https://github.com/gitbucket/gitbucket/pull/4056","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13540","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/836108","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374548","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374548/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13541","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T07:16:24.490","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /doctorchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Hospital Management System","cpes":["cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:55:06.603458Z","id":"CVE-2026-13541","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/ltranquility/submit/issues/17","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13541","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/842050","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374549","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374549/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13543","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T07:16:24.780","lastModified":"2026-06-29T18:41:05.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google OAuth Login. The manipulation results in improper authentication. It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitation appears to be difficult. The exploit is now public and may be used. The pull request to fix this issue awaits acceptance."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"n/a","product":"Documenso","cpes":["cpe:2.3:a:documenso:documenso:*:*:*:*:*:*:*:*"],"modules":["Google OAuth Login"],"versions":[{"version":"2.0","status":"affected"},{"version":"2.1","status":"affected"},{"version":"2.2","status":"affected"},{"version":"2.3","status":"affected"},{"version":"2.4","status":"affected"},{"version":"2.5","status":"affected"},{"version":"2.6","status":"affected"},{"version":"2.7","status":"affected"},{"version":"2.8","status":"affected"},{"version":"2.9","status":"affected"},{"version":"2.10","status":"affected"},{"version":"2.11.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.9,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","baseScore":5.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":4.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T10:51:50.370152Z","id":"CVE-2026-13543","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://github.com/documenso/documenso/","source":"cna@vuldb.com"},{"url":"https://github.com/documenso/documenso/issues/2758","source":"cna@vuldb.com"},{"url":"https://github.com/documenso/documenso/pull/2837","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13543","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/842579","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374551","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374551/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13544","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T07:16:24.930","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the component API. This manipulation causes improper access controls. The attack can be initiated remotely. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Feehi","product":"CMS","cpes":["cpe:2.3:a:feehi:cms:*:*:*:*:*:*:*:*"],"modules":["API"],"versions":[{"version":"2.1.0","status":"affected"},{"version":"2.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:48:47.863478Z","id":"CVE-2026-13544","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"},{"lang":"en","value":"CWE-284"}]}],"references":[{"url":"https://github.com/liufee/cms/issues/88","source":"cna@vuldb.com"},{"url":"https://github.com/liufee/cms/issues/89","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13544","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/842582","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/842595","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/842602","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374552","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374552/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-9676","sourceIdentifier":"contact@wpscan.com","published":"2026-06-29T07:16:26.257","lastModified":"2026-06-29T19:15:23.213","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The F4 Post Tree WordPress plugin before 2.0.5 does not perform capability checks or CSRF/nonce verification on one of its AJAX actions, allowing authenticated users with Subscriber-level access and above to modify the parent and menu order of arbitrary posts."}],"affected":[{"source":"contact@wpscan.com","affectedData":[{"vendor":"Unknown","product":"F4 Post Tree","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2.0.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:46:41.620661Z","id":"CVE-2026-9676","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://wpscan.com/vulnerability/54627b10-115c-4434-a17b-eb680244889f/","source":"contact@wpscan.com"}]}},{"cve":{"id":"CVE-2026-13546","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T09:16:27.390","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Feehi","product":"CMS","cpes":["cpe:2.3:a:feehi:cms:*:*:*:*:*:*:*:*"],"modules":["REST API Endpoint"],"versions":[{"version":"2.1.0","status":"affected"},{"version":"2.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:34:43.451804Z","id":"CVE-2026-13546","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/liufee/cms/issues/87","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13546","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/842603","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374554","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374554/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13547","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T09:16:27.540","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Hanwang","product":"e-Face General Management Platform","cpes":["cpe:2.3:a:hanwang:e-face_general_management_platform:*:*:*:*:*:*:*:*"],"versions":[{"version":"6.3.5.4","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:54:26.438135Z","id":"CVE-2026-13547","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://ucn9h68n9289.feishu.cn/wiki/SrO0wcxd9i6ByukOizGcIgpBnRd","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13547","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/842646","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374555","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374555/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13549","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T09:16:27.837","lastModified":"2026-06-29T18:41:05.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the component Report Endpoint. The manipulation results in authorization bypass. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"CodeAstro","product":"Complaint Management System","cpes":["cpe:2.3:a:codeastro:complaint_management_system:*:*:*:*:*:*:*:*"],"modules":["Report Endpoint"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:P","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T10:33:25.230414Z","id":"CVE-2026-13549","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"},{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://codeastro.com/","source":"cna@vuldb.com"},{"url":"https://github.com/ashikmd0507/CVE/tree/main/Unauthenticated%20Arbitrary%20Report%20%26%20File%20Deletion","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13549","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843260","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374557","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374557/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13550","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T09:16:28.017","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Baptism Information Management System","cpes":["cpe:2.3:a:itsourcecode:baptism_information_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:51:09.380387Z","id":"CVE-2026-13550","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/Hh-176/CVE/issues/1","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13550","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843567","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374558","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374558/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13551","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T09:16:28.160","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file /editBaptism.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Baptism Information Management System","cpes":["cpe:2.3:a:itsourcecode:baptism_information_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:36:33.895077Z","id":"CVE-2026-13551","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/Hh-176/CVE/issues/2","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13551","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843568","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374559","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374559/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-22078","sourceIdentifier":"security@oppo.com","published":"2026-06-29T09:16:28.440","lastModified":"2026-06-29T19:07:03.733","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel."}],"affected":[{"source":"security@oppo.com","affectedData":[{"vendor":"OPPO","product":"O+ Connect","defaultStatus":"unaffected","versions":[{"version":"16.0.33","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@oppo.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":5.3}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T11:53:04.056229Z","id":"CVE-2026-22078","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@oppo.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"references":[{"url":"https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-2070415238859333632","source":"security@oppo.com"}]}},{"cve":{"id":"CVE-2026-9267","sourceIdentifier":"emo@eclipse.org","published":"2026-06-29T09:16:31.750","lastModified":"2026-06-29T19:13:31.073","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Eclipse tinydtls before commit b3efd41ad111a4920f599f51ffa4f5e9f1e72221 contains an out-of-bounds read vulnerability in the check_server_certificate() function that allows unauthenticated attackers to trigger reads beyond valid buffer boundaries by crafting a Certificate handshake message with a specific fragment_length value. Attackers can exploit missing buffer length validation before uint24 reads, memcmp, and memcpy operations during DTLS epoch 0 on both client and server paths to cause denial of service on memory-constrained devices."}],"affected":[{"source":"emo@eclipse.org","affectedData":[{"vendor":"Eclipse Foundation","product":"Eclipse tinydtls","defaultStatus":"unaffected","repo":"https://github.com/eclipse-tinydtls/tinydtls","versions":[{"version":"0","lessThan":"b3efd41ad111a4920f599f51ffa4f5e9f1e72221","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"emo@eclipse.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T11:45:21.979185Z","id":"CVE-2026-9267","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"emo@eclipse.org","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://gitlab.eclipse.org/security/cve-assignment/-/work_items/112","source":"emo@eclipse.org"}]}},{"cve":{"id":"CVE-2026-13552","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T10:16:28.293","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in itsourcecode Online Hotel Management System 1.0. This impacts an unknown function of the file /admin/mod_amenities/controller.php?action=edit. Performing a manipulation of the argument amen_id results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Online Hotel Management System","cpes":["cpe:2.3:a:itsourcecode:online_hotel_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:33:46.088898Z","id":"CVE-2026-13552","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/Hh-176/CVE/issues/3","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13552","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843569","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374560","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374560/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13553","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T10:16:29.420","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/mod_amenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has been published and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Online Hotel Management System","cpes":["cpe:2.3:a:itsourcecode:online_hotel_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:49:56.119896Z","id":"CVE-2026-13553","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://github.com/Hh-176/CVE/issues/4","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13553","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843570","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374561","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374561/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13555","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T10:16:29.740","lastModified":"2026-06-29T18:41:05.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/mod_users/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Online Hotel Management System","cpes":["cpe:2.3:a:itsourcecode:online_hotel_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T10:31:14.703857Z","id":"CVE-2026-13555","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/Hh-176/CVE/issues/6","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13555","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843585","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374563","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374563/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13557","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T10:16:30.033","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. This vulnerability affects unknown code of the file /admin/mod_room/controller.php?action=add of the component POST Request Handler. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit is publicly available and might be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Online Hotel Management System","cpes":["cpe:2.3:a:itsourcecode:online_hotel_management_system:*:*:*:*:*:*:*:*"],"modules":["POST Request Handler"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:36:31.447637Z","id":"CVE-2026-13557","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/Hh-176/CVE/issues/8","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13557","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843587","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374565","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374565/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-57346","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T10:16:32.073","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Epiphyt Embed Privacy allows Path Traversal.\n\nThis issue affects Embed Privacy: from n/a through 1.12.3."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Epiphyt","product":"Embed Privacy","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"embed-privacy","versions":[{"version":"n/a","lessThanOrEqual":"1.12.3","versionType":"custom","status":"affected","changes":[{"at":"1.12.4","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T10:30:18.639008Z","id":"CVE-2026-57346","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/embed-privacy/vulnerability/wordpress-embed-privacy-plugin-1-12-3-arbitrary-file-deletion-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-13558","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T12:16:27.610","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in CodeAstro Complaint Management System 1.0. This issue affects some unknown processing of the file /report/addreport of the component Report Handler. Performing a manipulation of the argument Report Title results in cross site scripting. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"CodeAstro","product":"Complaint Management System","cpes":["cpe:2.3:a:codeastro:complaint_management_system:*:*:*:*:*:*:*:*"],"modules":["Report Handler"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:27:43.101162Z","id":"CVE-2026-13558","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://codeastro.com/","source":"cna@vuldb.com"},{"url":"https://github.com/ashikmd0507/CVE/blob/main/Stored%20XSS%20in%20Report%20Title%20Field%20Allows%20Script%20Execution%20in%20Admin%20Panel/README.md","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13558","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843714","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374566","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374566/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13559","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T12:16:27.770","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in code-projects Real State Services 1.0. Impacted is an unknown function of the file /single-list_sale.php?action=add. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"code-projects","product":"Real State Services","cpes":["cpe:2.3:a:code-projects:real_state_services:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:48:50.488949Z","id":"CVE-2026-13559","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://code-projects.org/","source":"cna@vuldb.com"},{"url":"https://github.com/6Justdododo6/CVE/issues/21","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13559","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843782","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374567","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374567/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13561","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T12:16:28.080","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Edimax","product":"EW-7478APC","cpes":["cpe:2.3:a:edimax:ew-7478apc:*:*:*:*:*:*:*:*"],"modules":["POST Request Handler"],"versions":[{"version":"1.04","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:48:22.739014Z","id":"CVE-2026-13561","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"},{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formiNICbasic-34b53a41781f8052bc69c85481124dff","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13561","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844111","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374569","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374569/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13563","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T12:16:28.390","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been found in Edimax EW-7478APC 1.04. This impacts the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Edimax","product":"EW-7478APC","cpes":["cpe:2.3:a:edimax:ew-7478apc:*:*:*:*:*:*:*:*"],"modules":["POST Request Handler"],"versions":[{"version":"1.04","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:13:36.346409Z","id":"CVE-2026-13563","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formL2TPSetup-34b53a41781f80f295f8ca2aa55e1226?pvs=73","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13563","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844113","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374571","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374571/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13564","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T12:16:28.543","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Edimax","product":"EW-7478APC","cpes":["cpe:2.3:a:edimax:ew-7478apc:*:*:*:*:*:*:*:*"],"modules":["POST Request Handler"],"versions":[{"version":"1.04","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:28:48.414995Z","id":"CVE-2026-13564","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formPPPoESetup-34b53a41781f80208e6be16a764f001c","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13564","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844114","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374572","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374572/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-12616","sourceIdentifier":"emo@eclipse.org","published":"2026-06-29T14:16:41.317","lastModified":"2026-06-29T19:13:31.073","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The /v1/upload/sbom endpoint extracts the iss claim from the attacker-supplied JWT with signature verification disabled, then interpolates that string into three log statements before any validation gate. Because the configured log format (\"%(asctime)s - %(name)s - %(levelname)s - %(message)s\") renders newlines literally, an unauthenticated attacker can forge log records that are byte-for-byte indistinguishable from PIA's genuine \"Successfully authenticated project\" message. PIA is an authentication broker whose logs are explicitly relied upon for incident response (DESIGN.md §5.4 lists \"Token verifications\" and \"Errors\" as events to log), so the ability to plant fake auth-success entries directly undermines the audit trail the service exists to produce."}],"affected":[{"source":"emo@eclipse.org","affectedData":[{"vendor":"Eclipse Foundation","product":"Eclipse CSI - PIA","defaultStatus":"unaffected","repo":"https://github.com/eclipse-csi/pia/","versions":[{"version":"0","lessThanOrEqual":"0.2.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"emo@eclipse.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:51:03.528809Z","id":"CVE-2026-12616","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"emo@eclipse.org","type":"Secondary","description":[{"lang":"en","value":"CWE-117"}]}],"references":[{"url":"https://gitlab.eclipse.org/security/cve-assignment/-/work_items/145","source":"emo@eclipse.org"}]}},{"cve":{"id":"CVE-2026-13165","sourceIdentifier":"cvd@cert.pl","published":"2026-06-29T14:16:41.647","lastModified":"2026-06-29T19:13:31.073","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SzafirHost verifies the downloaded native library archive with one JarFile parser (reading the Central Directory) but extracts native libraries with JarInputStream parser (reading sequentially from local file headers). An attacker who controls the served archive can insert a malicious DLL/SO/DYLIB as a local-file-header entry between the last legitimate entry and the Central Directory, without adding it to the Central Directory. The signature verifier never sees the injected entry and accepts the archive as validly signed; the extractor reads it sequentially and writes the attacker library to the native temp directory with no hash check), while the archive-size check still passes. This can lead to remote code execution.\n\nThis issue was fixed in version 1.2.2."}],"affected":[{"source":"cvd@cert.pl","affectedData":[{"vendor":"Krajowa Izba Rozliczeniowa","product":"SzafirHost","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"1.2.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:58:08.681080Z","id":"CVE-2026-13165","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://cert.pl/posts/2026/06/CVE-2026-13165","source":"cvd@cert.pl"},{"url":"https://www.elektronicznypodpis.pl/","source":"cvd@cert.pl"}]}},{"cve":{"id":"CVE-2026-13565","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T14:16:46.813","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown functionality of the file /edit_class1.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Class and Exam Timetabling System","cpes":["cpe:2.3:a:sourcecodester:class_and_exam_timetabling_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"},{"version":"1.php","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:43:29.053932Z","id":"CVE-2026-13565","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/Pluto2362/CVE-2026/issues/3","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13565","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844222","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374573","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374573/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13567","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T14:16:47.147","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in code-projects Online Music Site 1.0. This affects an unknown part of the file /Frontend/Feedback.php of the component POST Request Handler. The manipulation of the argument fname/femail/faddress/fmessage results in cross site scripting. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"code-projects","product":"Online Music Site","cpes":["cpe:2.3:a:code-projects:online_music_site:*:*:*:*:*:*:*:*"],"modules":["POST Request Handler"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:00:18.743314Z","id":"CVE-2026-13567","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://code-projects.org/","source":"cna@vuldb.com"},{"url":"https://github.com/qwessec/CVE/issues/1","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13567","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844228","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374575","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374575/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13569","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T14:16:47.483","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in weng-xianhu EyouCMS up to 1.7.1. This issue affects some unknown processing of the file /index.php of the component API. Such manipulation of the argument click_like leads to sql injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"weng-xianhu","product":"EyouCMS","cpes":["cpe:2.3:a:eyoucms:eyoucms:*:*:*:*:*:*:*:*"],"modules":["API"],"versions":[{"version":"1.7.0","status":"affected"},{"version":"1.7.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:M/C:P/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"MULTIPLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.4,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:50:34.181648Z","id":"CVE-2026-13569","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/weng-xianhu/eyoucms/","source":"cna@vuldb.com"},{"url":"https://github.com/weng-xianhu/eyoucms/issues/68","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13569","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844292","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844293","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374577","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374577/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13570","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T14:16:47.657","lastModified":"2026-06-29T18:46:31.617","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in SourceCodester Inventory Management System 1.0. Impacted is an unknown function of the file /api/users_handler.php of the component User Registration Endpoint. Performing a manipulation of the argument full_name results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Inventory Management System","cpes":["cpe:2.3:a:sourcecodester:inventory_management_system:*:*:*:*:*:*:*:*"],"modules":["User Registration Endpoint"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:57:39.563309Z","id":"CVE-2026-13570","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://vuldb.com/cve/CVE-2026-13570","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844353","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374578","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374578/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-40522","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T14:16:50.920","lastModified":"2026-06-29T19:15:23.213","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Bank Statement report handler that allows authenticated attackers to extract arbitrary database data by injecting UNION SELECT payloads into the PARAM_0 POST parameter. Attackers can supply malicious SQL syntax through the unparameterized WHERE clause to retrieve sensitive information including usernames, password hashes, and email addresses from the users table, rendered into PDF report output."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"FrontAccounting","product":"FrontAccounting","defaultStatus":"affected","versions":[{"version":"0","lessThan":"2.4.20","versionType":"semver","status":"affected"},{"version":"894adaf71393e0ef6a04fe6036fcd2464050f590","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:42:25.365265Z","id":"CVE-2026-40522","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"},{"lang":"en","value":"CWE-916"}]}],"references":[{"url":"https://github.com/FrontAccountingERP/FA/commit/894adaf71393e0ef6a04fe6036fcd2464050f590","source":"disclosure@vulncheck.com"},{"url":"https://jivasecurity.com/writeups/frontaccounting-sqli-bank-statement-report-cve-2026-40522","source":"disclosure@vulncheck.com"},{"url":"https://sourceforge.net/p/frontaccounting/news/2026/04/release-2420/","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/frontaccounting-sql-injection-via-rep601-php","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-40523","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T14:16:51.067","lastModified":"2026-06-29T19:15:23.213","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FrontAccounting before 2.4.20 contains a SQL injection vulnerability in the Audit Trail report handler that allows authenticated attackers with SA_GLANALYTIC permission to execute arbitrary SQL queries by injecting malicious code into the PARAM_2 and PARAM_3 POST parameters. Attackers can exploit time-based blind SQL injection through SLEEP() functions that are amplified across JOIN result sets to cause denial of service by exhausting database connections, or extract arbitrary database content through UNION-based injection techniques."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"FrontAccounting","product":"FrontAccounting","defaultStatus":"affected","versions":[{"version":"0","lessThan":"2.4.20","versionType":"semver","status":"affected"},{"version":"647a18196caad27f96ea852e993c9e30f815357f","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T13:58:30.591722Z","id":"CVE-2026-40523","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/FrontAccountingERP/FA/commit/647a18196caad27f96ea852e993c9e30f815357f","source":"disclosure@vulncheck.com"},{"url":"https://jivasecurity.com/writeups/frontaccounting-sqli-audit-trail-report-cve-2026-40523","source":"disclosure@vulncheck.com"},{"url":"https://sourceforge.net/p/frontaccounting/news/2026/04/release-2420/","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/frontaccounting-sql-injection-via-reporting-rep710-php","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-54370","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T14:16:57.670","lastModified":"2026-06-29T19:22:57.460","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"acl before version 2.4.0 contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that allows local attackers to escalate privileges by replacing a pathname component with a symbolic link between an lstat() check and subsequent symlink-following operations such as stat(), chown(), chmod(), acl_get_file(), and acl_set_file(). Attackers who control a pathname component can redirect file access control list operations to arbitrary files when getfacl, setfacl, or chacl is invoked by a privileged process over an attacker-controlled path, resulting in local privilege escalation."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"acl project","product":"acl","defaultStatus":"affected","repo":"https://savannah.nongnu.org/projects/acl/","versions":[{"version":"0","lessThan":"2.4.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:49:55.817958Z","id":"CVE-2026-54370","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"references":[{"url":"https://cgit.git.savannah.nongnu.org/cgit/acl.git/commit/?id=24a227d0ab8576612194f8a56c2314389adc74a5","source":"disclosure@vulncheck.com"},{"url":"https://cgit.git.savannah.nongnu.org/cgit/acl.git/commit/?id=3589787cd589b34bdd9265936e17190b6d3f17d1","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/acl-toctou-symlink-traversal-via-getfacl-setfacl-chacl","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-13571","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T15:16:38.367","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in SourceCodester Simple Food Ordering System 1.0. The affected element is an unknown function of the file /cart.php. Executing a manipulation of the argument item_price can lead to business logic errors. The attack may be performed from remote. The exploit has been published and may be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"SourceCodester","product":"Simple Food Ordering System","cpes":["cpe:2.3:a:sourcecodester:simple_food_ordering_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:06:31.645228Z","id":"CVE-2026-13571","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-840"}]}],"references":[{"url":"https://github.com/ogh-bnz/Simple-Food-Ordering-System/blob/main/Simple-Food-Ordering-System-Price-Manipulation.md","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13571","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844355","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374579","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374579/cti","source":"cna@vuldb.com"},{"url":"https://www.sourcecodester.com/","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13578","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T15:16:39.013","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patientdetail.php. Performing a manipulation of the argument editid results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Hospital Management System","cpes":["cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:59:04.555902Z","id":"CVE-2026-13578","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/ltranquility/submit/issues/20","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13578","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/843783","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374584","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374584/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13579","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T15:16:39.163","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientchangepassword.php. Executing a manipulation of the argument newpassword can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"itsourcecode","product":"Hospital Management System","cpes":["cpe:2.3:a:itsourcecode:hospital_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:51:52.789027Z","id":"CVE-2026-13579","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/ltranquility/cve_submit/issues/21","source":"cna@vuldb.com"},{"url":"https://itsourcecode.com/","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13579","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844019","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374585","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374585/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-56124","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T15:16:42.217","lastModified":"2026-06-29T19:22:57.460","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the complete JSON-encoded result set in an inline script block, exposing uploader IP addresses, Argon2ID key hashes, internal filenames, and SHA-256 fingerprints."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"shimosyan","product":"phpUploader","defaultStatus":"affected","repo":"https://github.com/shimosyan/phpUploader","versions":[{"version":"0","lessThan":"2.0.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:11:40.902142Z","id":"CVE-2026-56124","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-359"},{"lang":"en","value":"CWE-497"}]}],"references":[{"url":"https://github.com/shimosyan/phpUploader/commit/45dc4f1c9a2de5ade427deebad0148834c0e8c50","source":"disclosure@vulncheck.com"},{"url":"https://github.com/shimosyan/phpUploader/pull/294","source":"disclosure@vulncheck.com"},{"url":"https://github.com/shimosyan/phpUploader/releases/tag/v2.0.2","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/phpuploader-unauthenticated-database-exposure-via-index-model","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-57320","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:42.627","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"RealMag777","product":"BEAR","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"woo-bulk-editor","versions":[{"version":"n/a","lessThanOrEqual":"1.1.8","versionType":"custom","status":"affected","changes":[{"at":"1.1.9","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:58:44.451940Z","id":"CVE-2026-57320","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/woo-bulk-editor/vulnerability/wordpress-bear-plugin-1-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57326","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:42.783","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Strategy11 Team","product":"Business Directory","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"business-directory-plugin","versions":[{"version":"n/a","lessThanOrEqual":"6.4.22","versionType":"custom","status":"affected","changes":[{"at":"6.4.23","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:06:45.426452Z","id":"CVE-2026-57326","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/business-directory-plugin/vulnerability/wordpress-business-directory-plugin-6-4-22-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57327","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:42.910","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Subscriber Broken Access Control in MainWP <= 6.1.1 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"mainwp","product":"MainWP","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"mainwp","versions":[{"version":"n/a","lessThanOrEqual":"6.1.1","versionType":"custom","status":"affected","changes":[{"at":"6.1.2","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:50:11.532241Z","id":"CVE-2026-57327","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/mainwp/vulnerability/wordpress-mainwp-plugin-6-1-1-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57328","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:43.033","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Strategy11 Team","product":"Business Directory","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"business-directory-plugin","versions":[{"version":"n/a","lessThanOrEqual":"6.4.22","versionType":"custom","status":"affected","changes":[{"at":"6.4.23","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:51:23.693775Z","id":"CVE-2026-57328","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/business-directory-plugin/vulnerability/wordpress-business-directory-plugin-6-4-22-cross-site-scripting-xss-vulnerability-2?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57330","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:43.257","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Stylemix","product":"MasterStudy LMS","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"masterstudy-lms-learning-management-system","versions":[{"version":"n/a","lessThanOrEqual":"3.7.27","versionType":"custom","status":"affected","changes":[{"at":"3.7.28","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:02:07.064005Z","id":"CVE-2026-57330","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/masterstudy-lms-learning-management-system/vulnerability/wordpress-masterstudy-lms-plugin-3-7-27-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57331","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:43.370","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"videowhisper","product":"Paid Videochat Turnkey Site","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"ppv-live-webcams","versions":[{"version":"n/a","lessThanOrEqual":"7.4.8","versionType":"custom","status":"affected","changes":[{"at":"7.4.9","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:58:26.444077Z","id":"CVE-2026-57331","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/ppv-live-webcams/vulnerability/wordpress-paid-videochat-turnkey-site-plugin-7-4-8-arbitrary-file-deletion-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57332","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:43.483","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"WP Swings","product":"Wallet System for WooCommerce","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"wallet-system-for-woocommerce","versions":[{"version":"n/a","lessThanOrEqual":"2.7.6","versionType":"custom","status":"affected","changes":[{"at":"2.7.7","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:07:04.006979Z","id":"CVE-2026-57332","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/wallet-system-for-woocommerce/vulnerability/wordpress-wallet-system-for-woocommerce-plugin-2-7-6-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57333","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:43.600","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Spencer Haws","product":"Link Whisper Free","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"link-whisper","versions":[{"version":"n/a","lessThanOrEqual":"0.9.4","versionType":"custom","status":"affected","changes":[{"at":"0.9.5","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:50:33.446972Z","id":"CVE-2026-57333","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/link-whisper/vulnerability/wordpress-link-whisper-free-plugin-0-9-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57334","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:43.720","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"weDevs","product":"WP User Frontend","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"wp-user-frontend","versions":[{"version":"n/a","lessThanOrEqual":"4.3.7","versionType":"custom","status":"affected","changes":[{"at":"4.3.8","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:52:29.087347Z","id":"CVE-2026-57334","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/wp-user-frontend/vulnerability/wordpress-wp-user-frontend-plugin-4-3-7-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57336","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:44.273","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Astoundify","product":"Jobify","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/themes","packageName":"jobify","versions":[{"version":"n/a","lessThanOrEqual":"4.3.2","versionType":"custom","status":"affected","changes":[{"at":"4.3.3","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:15:15.634919Z","id":"CVE-2026-57336","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/theme/jobify/vulnerability/wordpress-jobify-theme-4-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57337","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:44.390","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"PluginOps","product":"Landing Page Builder","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"page-builder-add","versions":[{"version":"n/a","lessThanOrEqual":"1.5.3.5","versionType":"custom","status":"affected","changes":[{"at":"1.5.3.6","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T14:58:10.438059Z","id":"CVE-2026-57337","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/page-builder-add/vulnerability/wordpress-landing-page-builder-plugin-1-5-3-5-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57338","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:44.510","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Repute InfoSystems","product":"ARForms","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"arforms","versions":[{"version":"n/a","lessThanOrEqual":"7.1.2","versionType":"custom","status":"affected","changes":[{"at":"7.2","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:07:17.535408Z","id":"CVE-2026-57338","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/arforms/vulnerability/wordpress-arforms-plugin-7-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57339","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:44.620","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Strategy11 Team","product":"Business Directory","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"business-directory-plugin","versions":[{"version":"n/a","lessThanOrEqual":"6.4.23","versionType":"custom","status":"affected","changes":[{"at":"6.4.24","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:50:52.337554Z","id":"CVE-2026-57339","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/business-directory-plugin/vulnerability/wordpress-business-directory-plugin-6-4-23-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57340","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T15:16:44.740","lastModified":"2026-06-29T18:39:20.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"shohei.tanaka","product":"Japanized For WooCommerce","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"woocommerce-for-japan","versions":[{"version":"n/a","lessThanOrEqual":"2.9.12","versionType":"custom","status":"affected","changes":[{"at":"2.9.13","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:55:55.645785Z","id":"CVE-2026-57340","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/woocommerce-for-japan/vulnerability/wordpress-japanized-for-woocommerce-plugin-2-9-12-broken-access-control-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-57523","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T15:16:45.070","lastModified":"2026-06-29T15:16:45.070","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-57525","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T15:16:45.133","lastModified":"2026-06-29T15:16:45.133","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-13580","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T16:16:38.280","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in Edimax EW-7478APC 1.04. This affects the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Edimax","product":"EW-7478APC","cpes":["cpe:2.3:a:edimax:ew-7478apc:*:*:*:*:*:*:*:*"],"modules":["POST Request Handler"],"versions":[{"version":"1.04","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T16:19:43.559040Z","id":"CVE-2026-13580","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-120"}]}],"references":[{"url":"https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formQoS-34b53a41781f8095bffacdea103a82d1","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13580","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844115","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374586","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374586/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13582","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T16:16:38.610","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in Edimax EW-7478APC 1.04. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. This manipulation of the argument UserName/Password causes buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Edimax","product":"EW-7478APC","cpes":["cpe:2.3:a:edimax:ew-7478apc:*:*:*:*:*:*:*:*"],"modules":["POST Request Handler"],"versions":[{"version":"1.04","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T16:23:35.612590Z","id":"CVE-2026-13582","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-120"}]}],"references":[{"url":"https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formUSBAccount-34b53a41781f8077ad48e4c3af9be499","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13582","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844117","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374588","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374588/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13587","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T16:16:38.943","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in seladb PcapPlusPlus 25.05. The affected element is the function parse_by_block_type of the file light_pcapng.c of the component LightPcapNg Parser. Performing a manipulation of the argument captured_packet_length results in heap-based buffer overflow. It is possible to initiate the attack remotely. The attack's complexity is rated as high. The exploitability is described as difficult. The exploit has been made public and could be used."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"seladb","product":"PcapPlusPlus","cpes":["cpe:2.3:a:seladb:pcapplusplus:*:*:*:*:*:*:*:*"],"modules":["LightPcapNg Parser"],"versions":[{"version":"25.05","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.9,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:N/I:N/A:P","baseScore":2.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":4.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:41:35.368010Z","id":"CVE-2026-13587","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-122"}]}],"references":[{"url":"https://github.com/seladb/PcapPlusPlus/","source":"cna@vuldb.com"},{"url":"https://github.com/seladb/PcapPlusPlus/issues/2149","source":"cna@vuldb.com"},{"url":"https://github.com/user-attachments/files/28207967/poc.zip","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13587","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844479","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374590","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374590/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13742","sourceIdentifier":"psirt@honeywell.com","published":"2026-06-29T16:16:39.110","lastModified":"2026-06-29T18:52:40.497","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Honeywell IQ MultiAccess, all versions prior to and including version 28, contain an improper digital signature verification vulnerability. An attacker could potentially exploit this vulnerability, leading to the replacement of downloaded file with a malicious one. Honeywell also recommends updating to the most recent version of this product, service, or offering [V27 SP1, V28 SP1]"}],"affected":[{"source":"psirt@honeywell.com","affectedData":[{"vendor":"Honeywell Technologies","product":"IQ MultiAccess","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"IQ.v27","lessThanOrEqual":"28","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"psirt@honeywell.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T16:24:12.302631Z","id":"CVE-2026-13742","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@honeywell.com","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"references":[{"url":"https://www.honeywell.com/us/en/product-security","source":"psirt@honeywell.com"}]}},{"cve":{"id":"CVE-2026-12672","sourceIdentifier":"security@wordfence.com","published":"2026-06-29T17:16:28.143","lastModified":"2026-06-29T17:16:28.143","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-13588","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T17:16:28.753","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in seladb PcapPlusPlus 25.05. The impacted element is the function pcpp::SSLClientHelloMessage::getHandshakeVersion of the file Packet++/src/SSLHandshake.cpp of the component TLS Hello Handler. Executing a manipulation of the argument handshakeVersion can lead to heap-based buffer overflow. It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized. This patch is called 98e671010bc7c87b95898c22ae289220ae92542b. It is best practice to apply a patch to resolve this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"seladb","product":"PcapPlusPlus","cpes":["cpe:2.3:a:seladb:pcapplusplus:*:*:*:*:*:*:*:*"],"modules":["TLS Hello Handler"],"versions":[{"version":"25.05","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.9,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","baseScore":5.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":4.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:41:34.458106Z","id":"CVE-2026-13588","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-122"}]}],"references":[{"url":"https://github.com/seladb/PcapPlusPlus/","source":"cna@vuldb.com"},{"url":"https://github.com/seladb/PcapPlusPlus/commit/98e671010bc7c87b95898c22ae289220ae92542b","source":"cna@vuldb.com"},{"url":"https://github.com/seladb/PcapPlusPlus/issues/2151","source":"cna@vuldb.com"},{"url":"https://github.com/seladb/PcapPlusPlus/pull/2161","source":"cna@vuldb.com"},{"url":"https://github.com/user-attachments/files/28213479/poc.zip","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13588","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844481","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374591","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374591/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13589","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T17:16:28.907","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in seladb PcapPlusPlus 25.05. This affects the function pcpp::TelnetLayer::getSubCommand of the file Packet++/src/TelnetLayer.cpp of the component Telnet Subnegotiation Packet Handler. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is reported as difficult. The exploit is publicly available and might be used. The identifier of the patch is 98e671010bc7c87b95898c22ae289220ae92542b. It is recommended to apply a patch to fix this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"seladb","product":"PcapPlusPlus","cpes":["cpe:2.3:a:seladb:pcapplusplus:*:*:*:*:*:*:*:*"],"modules":["Telnet Subnegotiation Packet Handler"],"versions":[{"version":"25.05","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.9,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","baseScore":5.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":4.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:22:20.854046Z","id":"CVE-2026-13589","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-122"}]}],"references":[{"url":"https://github.com/seladb/PcapPlusPlus/","source":"cna@vuldb.com"},{"url":"https://github.com/seladb/PcapPlusPlus/commit/98e671010bc7c87b95898c22ae289220ae92542b","source":"cna@vuldb.com"},{"url":"https://github.com/seladb/PcapPlusPlus/issues/2152","source":"cna@vuldb.com"},{"url":"https://github.com/seladb/PcapPlusPlus/pull/2161","source":"cna@vuldb.com"},{"url":"https://github.com/user-attachments/files/28214571/poc.zip","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13589","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844482","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374592","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374592/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13591","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T17:16:29.210","lastModified":"2026-06-29T18:47:21.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in DeepMyst Mysti 0.4.0. Affected is the function _isTrackedConversation of the file src/managers/ChannelBridge.ts of the component Contact Tracking. This manipulation of the argument _channelType causes improper authorization. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The exploit has been made available to the public and could be used for attacks. Patch name: 9b4aff0f106db424aa45a35aa89dd0b8f2eb9a48. It is suggested to install a patch to address this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"DeepMyst","product":"Mysti","cpes":["cpe:2.3:a:deepmyst:mysti:*:*:*:*:*:*:*:*"],"modules":["Contact Tracking"],"versions":[{"version":"0.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:S/C:P/I:P/A:P","baseScore":4.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T17:30:38.595087Z","id":"CVE-2026-13591","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"},{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://github.com/DeepMyst/Mysti/","source":"cna@vuldb.com"},{"url":"https://github.com/DeepMyst/Mysti/commit/9b4aff0f106db424aa45a35aa89dd0b8f2eb9a48","source":"cna@vuldb.com"},{"url":"https://github.com/DeepMyst/Mysti/issues/42","source":"cna@vuldb.com"},{"url":"https://github.com/DeepMyst/Mysti/pull/43","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13591","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844480","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374594","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374594/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-56285","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:38.410","lastModified":"2026-06-29T20:17:39.787","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and uses a hardcoded default HMAC key, allowing unauthenticated attackers to compute valid HMACs for arbitrary URLs. Attackers can retrieve HTTP responses from any host reachable by the server, including cloud metadata services and internal network resources."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"zedeus","product":"nitter","defaultStatus":"unaffected","repo":"https://github.com/zedeus/nitter","versions":[{"version":"0","lessThan":"44b2f096f67da2cc257a0e262a94a7ae79e95d47","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:26:23.558914Z","id":"CVE-2026-56285","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"},{"lang":"en","value":"CWE-1188"}]}],"references":[{"url":"https://github.com/zedeus/nitter/commit/44b2f096f67da2cc257a0e262a94a7ae79e95d47","source":"disclosure@vulncheck.com"},{"url":"https://github.com/zedeus/nitter/issues/1411","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/nitter-server-side-request-forgery-in-video-media-proxy-endpoint","source":"disclosure@vulncheck.com"},{"url":"https://github.com/zedeus/nitter/issues/1411","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56781","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:38.683","lastModified":"2026-06-29T19:16:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Teable before 2026-06-15T04-43-24Z.1912 contains an improper access control vulnerability that allows anonymous attackers to access hidden field data by supplying arbitrary field IDs in the projection parameter of the share view records endpoint. Attackers can enumerate hidden field IDs from share metadata and specify them in projection parameters to read field values that are intended to be restricted from public view."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"teableio","product":"teable","defaultStatus":"unaffected","repo":"https://github.com/teableio/teable","versions":[{"version":"0","lessThan":"2026-06-15T04-43-24Z.1912","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T18:22:15.362249Z","id":"CVE-2026-56781","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/teableio/teable/issues/3335","source":"disclosure@vulncheck.com"},{"url":"https://github.com/teableio/teable/pull/3353","source":"disclosure@vulncheck.com"},{"url":"https://github.com/teableio/teable/releases/tag/release.2026-06-15T04-43-24Z.1912","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/teable-unauthenticated-hidden-field-disclosure-via-projection-parameter-override","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-56782","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:38.817","lastModified":"2026-06-29T20:17:39.907","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when admin_api_key is empty, which is the default configuration. Remote attackers can exfiltrate the entire database including user records, items, and feedback data containing personally identifiable information, or completely overwrite the dataset without authentication."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"gorse-io","product":"gorse","defaultStatus":"unaffected","repo":"https://github.com/gorse-io/gorse","versions":[{"version":"0","lessThan":"0.5.10","versionType":"semver","status":"affected"},{"version":"0.5.10","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:41:24.574961Z","id":"CVE-2026-56782","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/gorse-io/gorse/commit/19fdcbb309fb5b609e9cc3eb10c74885b5b27da9","source":"disclosure@vulncheck.com"},{"url":"https://github.com/gorse-io/gorse/issues/1292","source":"disclosure@vulncheck.com"},{"url":"https://github.com/gorse-io/gorse/pull/1293","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/gorse-unauthenticated-database-dump-and-restore-via-api-dump-and-api-restore-endpoints","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-57942","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:39.180","lastModified":"2026-06-29T19:16:42.133","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"LibreTranslate through 1.9.7, fixed in commit 397fd22, contains an IP spoofing vulnerability in the get_remote_address() function that allows unauthenticated attackers to spoof client IP addresses by injecting arbitrary values into the X-Forwarded-For header without trusted proxy validation. Attackers can bypass per-IP rate limiting and flood bans by supplying forged addresses in the X-Forwarded-For header to enable unlimited API abuse."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"LibreTranslate","product":"LibreTranslate","defaultStatus":"unaffected","repo":"https://github.com/LibreTranslate/LibreTranslate","packageURL":"pkg:pypi/libretranslate","versions":[{"version":"0","lessThanOrEqual":"1.9.7","versionType":"semver","status":"affected"},{"version":"397fd224080515d4001a1bc60c8fed53e3c56b6f","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T18:37:47.012327Z","id":"CVE-2026-57942","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-348"}]}],"references":[{"url":"https://github.com/LibreTranslate/LibreTranslate/commit/397fd224080515d4001a1bc60c8fed53e3c56b6f","source":"disclosure@vulncheck.com"},{"url":"https://github.com/LibreTranslate/LibreTranslate/issues/986","source":"disclosure@vulncheck.com"},{"url":"https://github.com/LibreTranslate/LibreTranslate/pull/987","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/libretranslate-ip-spoofing-via-x-forwarded-for-header","source":"disclosure@vulncheck.com"},{"url":"https://github.com/LibreTranslate/LibreTranslate/issues/986","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-57943","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:39.323","lastModified":"2026-06-29T20:17:40.297","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"LibrePhotos before 1.0.0 contains a broken object level authorization vulnerability in the SetPhotosShared endpoint that allows authenticated users to grant themselves access to other users' private photos by bypassing ownership validation. Attackers can manipulate shared_to relations without proper owner checks to read arbitrary private photos belonging to other users."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"LibrePhotos","product":"librephotos","defaultStatus":"unaffected","repo":"https://github.com/LibrePhotos/librephotos","versions":[{"version":"0","lessThan":"1.0.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:25:24.388007Z","id":"CVE-2026-57943","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/LibrePhotos/librephotos/commit/325bd1f5fda71c6d56737aa09cfce0cb8106675a","source":"disclosure@vulncheck.com"},{"url":"https://github.com/LibrePhotos/librephotos/issues/1860","source":"disclosure@vulncheck.com"},{"url":"https://github.com/LibrePhotos/librephotos/pull/1866","source":"disclosure@vulncheck.com"},{"url":"https://github.com/LibrePhotos/librephotos/releases/tag/1.0.0","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/librephotos-insecure-direct-object-reference-in-setphotosshared-endpoint","source":"disclosure@vulncheck.com"},{"url":"https://github.com/LibrePhotos/librephotos/issues/1860","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-57946","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:39.587","lastModified":"2026-06-29T19:22:57.460","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Invidious before version 2.20260626.0 contains a broken access control vulnerability that allows unauthenticated attackers to retrieve private playlist contents by accessing the RSS feed playlist endpoint without authentication. Attackers can supply a playlist ID to the feed endpoint to obtain the full playlist contents, owner email address, and associated video entries without any authentication."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"iv-org","product":"Invidious","defaultStatus":"unaffected","repo":"https://github.com/iv-org/invidious","versions":[{"version":"0","lessThan":"2.20260626.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T18:20:32.000439Z","id":"CVE-2026-57946","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/iv-org/invidious/commit/c435dc1204970bcca06bcdcfb116c22092be22fd","source":"disclosure@vulncheck.com"},{"url":"https://github.com/iv-org/invidious/issues/5775","source":"disclosure@vulncheck.com"},{"url":"https://github.com/iv-org/invidious/pull/5776","source":"disclosure@vulncheck.com"},{"url":"https://github.com/iv-org/invidious/releases/tag/v2.20260626.0","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/invidious-private-playlist-disclosure-via-unauthenticated-rss-feed-endpoint","source":"disclosure@vulncheck.com"},{"url":"https://github.com/iv-org/invidious/issues/5775","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-57947","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:39.720","lastModified":"2026-06-29T20:17:40.450","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Pinpoint through 3.1.0 contains a server-side request forgery vulnerability in the webhook registration endpoint that allows authenticated users to register internal URLs due to missing SSRF protection. Attackers can trigger alarm threshold breaches to force the server to issue POST requests to internal hosts and metadata endpoints, enabling unauthorized access to internal network resources."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"pinpoint-apm","product":"pinpoint","defaultStatus":"unaffected","repo":"https://github.com/pinpoint-apm/pinpoint","versions":[{"version":"0","lessThanOrEqual":"3.1.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:41:00.512827Z","id":"CVE-2026-57947","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://github.com/pinpoint-apm/pinpoint/issues/13857","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/pinpoint-server-side-request-forgery-via-alarm-webhook-registration","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-57949","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:39.997","lastModified":"2026-06-29T19:16:42.397","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GET /admin-api/crm/follow-up-record/get endpoint that allows authenticated users to read any follow-up record by iterating sequential numeric IDs. Attackers can exploit this by sending requests with arbitrary ID parameters to access other users' follow-up notes, file attachments, scheduling information, and business entity references without proper authorization checks."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Yunai","product":"ruoyi-vue-pro","defaultStatus":"unaffected","repo":"https://github.com/YunaiV/ruoyi-vue-pro","versions":[{"version":"0","lessThanOrEqual":"2026.05","versionType":"custom","status":"affected"},{"version":"c779a476617c58a38904191094d22df254b42542","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T18:38:18.928444Z","id":"CVE-2026-57949","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/YunaiV/ruoyi-vue-pro/commit/c779a476617c58a38904191094d22df254b42542","source":"disclosure@vulncheck.com"},{"url":"https://github.com/YunaiV/ruoyi-vue-pro/issues/1159","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/ruoyi-vue-pro-missing-authorization-in-crm-follow-up-record-get-endpoint","source":"disclosure@vulncheck.com"},{"url":"https://github.com/YunaiV/ruoyi-vue-pro/issues/1159","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-57950","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:40.130","lastModified":"2026-06-29T20:17:40.670","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control vulnerability in ErpSaleOrderController that allows attackers with erp:sale-out permissions to gain unauthorized access to sale order operations by exploiting an incorrect permission namespace enforcement. Attackers holding shipment-level permissions can perform unauthorized create, update, delete, and read operations on financially sensitive sale orders due to the controller enforcing erp:sale-out instead of the intended erp:sale-order namespace."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Yunai","product":"ruoyi-vue-pro","defaultStatus":"unaffected","repo":"https://github.com/YunaiV/ruoyi-vue-pro","versions":[{"version":"0","lessThanOrEqual":"2026.05","versionType":"custom","status":"affected"},{"version":"5d1fd70dc3e61bf64e7ce3328a71cc60001175c6","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:23:37.885227Z","id":"CVE-2026-57950","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/YunaiV/ruoyi-vue-pro/commit/5d1fd70dc3e61bf64e7ce3328a71cc60001175c6","source":"disclosure@vulncheck.com"},{"url":"https://github.com/YunaiV/ruoyi-vue-pro/issues/1161","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/ruoyi-vue-pro-incorrect-permission-namespace-in-erpsaleordercontroller","source":"disclosure@vulncheck.com"},{"url":"https://github.com/YunaiV/ruoyi-vue-pro/issues/1161","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-57955","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:40.817","lastModified":"2026-06-29T19:16:42.637","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute arbitrary ClickHouse queries by injecting URL-encoded quotes into the rule ID path parameter of the alert-history endpoints. Attackers can manipulate the unsanitized rule ID interpolated into ClickHouse queries to read all stored traces, logs, and metrics, or abuse the url() function to perform server-side request forgery."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"SigNoz","product":"signoz","defaultStatus":"unaffected","repo":"https://github.com/SigNoz/signoz","versions":[{"version":"0","lessThanOrEqual":"0.130.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T18:38:51.565390Z","id":"CVE-2026-57955","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/SigNoz/signoz/issues/11747","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/signoz-sql-injection-in-alert-history-endpoints-via-rule-id-parameter","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-57956","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:40.963","lastModified":"2026-06-29T20:17:40.957","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SigNoz through 0.130.1 contains a broken access control vulnerability that allows authenticated users to access other organizations' alert rules by supplying a target rule UUID, as the alert rule store predicates fail to filter by organization ID. Attackers can read, edit, and delete alert rules belonging to other organizations by exploiting the missing tenant isolation check, bypassing multi-tenant access controls."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"SigNoz","product":"signoz","defaultStatus":"unaffected","repo":"https://github.com/SigNoz/signoz","versions":[{"version":"0","lessThanOrEqual":"0.130.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:22:20.395999Z","id":"CVE-2026-57956","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/SigNoz/signoz/issues/11830","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/signoz-cross-organization-insecure-direct-object-reference-in-alert-rules","source":"disclosure@vulncheck.com"},{"url":"https://github.com/SigNoz/signoz/issues/11830","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-57958","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:41.253","lastModified":"2026-06-29T19:16:42.747","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Mixpost through 2.6.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in authenticated users' browsers by crafting malicious OAuth callback URLs with unsanitized error query parameters. Attackers can exploit the OAuth callback controller's failure to sanitize error parameters before rendering them through Laravel flash messages via the Vue v-html directive to hijack authenticated user sessions or perform unauthorized actions."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"inovector","product":"mixpost","defaultStatus":"unaffected","repo":"https://github.com/inovector/mixpost","packageURL":"pkg:composer/inovector/mixpost","versions":[{"version":"0","lessThanOrEqual":"2.6.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T18:08:33.630240Z","id":"CVE-2026-57958","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/inovector/mixpost/issues/204","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/mixpost-reflected-xss-via-oauth-callback-error-parameter","source":"disclosure@vulncheck.com"},{"url":"https://github.com/inovector/mixpost/issues/204","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-57959","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-29T18:16:41.997","lastModified":"2026-06-29T20:17:41.073","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Hi.Events through 1.9.0 contains a promo code validation vulnerability where reservation validates usage count before asynchronous UpdateEventStatisticsJob increments it, allowing attackers to redeem limited promo codes unlimited times. Attackers can sequentially reserve multiple orders with the same restricted promo code, each reading order_usage_count=0 and passing validation, then complete them all at discounted prices without concurrent requests."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"HiEventsDev","product":"Hi.Events","defaultStatus":"unaffected","repo":"https://github.com/HiEventsDev/Hi.Events","versions":[{"version":"0","lessThanOrEqual":"1.9.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:40:23.217129Z","id":"CVE-2026-57959","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"references":[{"url":"https://github.com/HiEventsDev/Hi.Events/issues/1223","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/hi-events-promo-code-max-usage-bypass-via-asynchronous-job-race-condition","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-53427","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-06-29T19:16:41.597","lastModified":"2026-06-29T20:17:38.650","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leandrocp MDEx allows stored or reflected cross-site scripting via attacker-controlled Markdown.\n\nWhen syntax highlighting and full info-string forwarding (render: [full_info_string: true]) are enabled, the Lumis adapter copies the value of a code fence's highlight_lines_class info-string attribute, unescaped, into the class attribute of every rendered line. comrak_nif::lumis_adapter::LumisAdapter::parse_custom_attributes in native/comrak_nif/src/lumis_adapter.rs shlex-parses the info string and stores each key=value pair verbatim, highlight_lines_config pulls highlight_lines_class into the per-line class value, and write_highlighted interpolates that value directly into the class attribute of the per-line <div>. A single-quoted shell token preserves an inner double quote through shlex parsing, so a value such as '\"><script>alert(1)</script>' terminates the class attribute early and the markup that follows is emitted as live HTML.\n\nAn attacker who can submit Markdown (through comments, posts, wiki pages, documentation, or any user-generated content) can inject arbitrary HTML and JavaScript that runs in the browser of every user who views the rendered output, enabling session theft, account takeover, and other client-side attacks. No authentication or special privileges are required.\n\nThe vulnerable native code originally shipped inside mdex (in native/comrak_nif/src/lumis_adapter.rs) and was later extracted into the separate mdex_native package (native/mdex_native_nif/src/lumis_adapter.rs), where it remains unpatched.\n\nThis issue affects mdex from 0.11.3 before 0.12.3, and mdex_native from 0.1.0 before 0.2.3."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"leandrocp","product":"mdex","defaultStatus":"unaffected","collectionURL":"https://repo.hex.pm","packageName":"mdex","cpes":["cpe:2.3:a:leandrocp:mdex:*:*:*:*:*:*:*:*"],"modules":["'Elixir.MDEx'","comrak_nif"],"programFiles":["native/comrak_nif/src/lumis_adapter.rs"],"programRoutines":[{"name":"comrak_nif::lumis_adapter::LumisAdapter::parse_custom_attributes"},{"name":"comrak_nif::lumis_adapter::LumisAdapter::highlight_lines_config"},{"name":"comrak_nif::lumis_adapter::LumisAdapter::write_highlighted"},{"name":"'Elixir.MDEx':to_html/2"}],"repo":"https://github.com/leandrocp/mdex","packageURL":"pkg:hex/mdex","versions":[{"version":"0.11.3","lessThan":"0.12.3","versionType":"semver","status":"affected"}]},{"vendor":"leandrocp","product":"mdex","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"leandrocp/mdex","cpes":["cpe:2.3:a:leandrocp:mdex:*:*:*:*:*:*:*:*"],"modules":["'Elixir.MDEx'","comrak_nif"],"programFiles":["native/comrak_nif/src/lumis_adapter.rs"],"programRoutines":[{"name":"comrak_nif::lumis_adapter::LumisAdapter::parse_custom_attributes"},{"name":"comrak_nif::lumis_adapter::LumisAdapter::highlight_lines_config"},{"name":"comrak_nif::lumis_adapter::LumisAdapter::write_highlighted"},{"name":"'Elixir.MDEx':to_html/2"}],"repo":"https://github.com/leandrocp/mdex","packageURL":"pkg:github/leandrocp/mdex","versions":[{"version":"0d7ffc84ea742e1daf666426814e5bb6d0499433","lessThan":"6ed94d905f97af188323f042698ae841c02293b4","versionType":"git","status":"affected"}]},{"vendor":"leandrocp","product":"mdex_native","defaultStatus":"unaffected","collectionURL":"https://repo.hex.pm","packageName":"mdex_native","cpes":["cpe:2.3:a:leandrocp:mdex_native:*:*:*:*:*:*:*:*"],"modules":["'Elixir.MDExNative.Comrak'","mdex_native_nif"],"programFiles":["native/mdex_native_nif/src/lumis_adapter.rs"],"programRoutines":[{"name":"mdex_native_nif::lumis_adapter::LumisAdapter::parse_custom_attributes"},{"name":"mdex_native_nif::lumis_adapter::LumisAdapter::highlight_lines_config"},{"name":"mdex_native_nif::lumis_adapter::LumisAdapter::write_highlighted"},{"name":"'Elixir.MDExNative.Native':document_to_html_with_options/2"},{"name":"'Elixir.MDExNative.Comrak':document_to_html/2"}],"repo":"https://github.com/leandrocp/mdex_native","packageURL":"pkg:hex/mdex_native","versions":[{"version":"0.1.0","lessThan":"0.2.3","versionType":"semver","status":"affected"}]},{"vendor":"leandrocp","product":"mdex_native","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"leandrocp/mdex_native","cpes":["cpe:2.3:a:leandrocp:mdex_native:*:*:*:*:*:*:*:*"],"modules":["'Elixir.MDExNative.Comrak'","mdex_native_nif"],"programFiles":["native/mdex_native_nif/src/lumis_adapter.rs"],"programRoutines":[{"name":"mdex_native_nif::lumis_adapter::LumisAdapter::parse_custom_attributes"},{"name":"mdex_native_nif::lumis_adapter::LumisAdapter::highlight_lines_config"},{"name":"mdex_native_nif::lumis_adapter::LumisAdapter::write_highlighted"},{"name":"'Elixir.MDExNative.Native':document_to_html_with_options/2"},{"name":"'Elixir.MDExNative.Comrak':document_to_html/2"}],"repo":"https://github.com/leandrocp/mdex_native","packageURL":"pkg:github/leandrocp/mdex_native","versions":[{"version":"956528c5e31746253347029e810a969ab916fd27","lessThan":"798a363b4339f6f7162ec8437c4c9f9b5ae6fbf3","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:18:13.166991Z","id":"CVE-2026-53427","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-53427.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/leandrocp/mdex_native/commit/798a363b4339f6f7162ec8437c4c9f9b5ae6fbf3","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/leandrocp/mdex_native/security/advisories/GHSA-v664-pmxr-mxxx","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-53427","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"}]}},{"cve":{"id":"CVE-2026-53428","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-06-29T19:16:41.817","lastModified":"2026-06-29T20:17:38.850","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Allocation with Excessive Size Value vulnerability in leandrocp mdex allows an unauthenticated attacker to cause a denial of service through unbounded memory allocation.\n\ncomrak_nif::lumis_adapter::LumisAdapter::parse_highlight_lines in native/comrak_nif/src/lumis_adapter.rs eagerly expands a user-controlled inclusive line range from a fenced code block's highlight_lines decorator into a Vec<usize>, pushing one element per integer in the range with no upper bound on the range size. An attacker who can supply Markdown that an application renders with MDEx.to_html/2 (for example a comment, chat message, or wiki page) can embed a code block whose info string is rust highlight_lines=\"1-100000000\", forcing the native adapter to allocate roughly 8 bytes per line in the range.\n\nA payload that differs by only a few bytes can therefore allocate hundreds of megabytes, and a sufficiently large range (for example 1-2000000000) exhausts host memory and aborts the BEAM, denying service to every user of the rendering process. The per-line write loop additionally tests membership with a linear scan over the same vector, degrading rendering to a quadratic cost even for ranges that do not immediately exhaust memory.\n\nThe vulnerable native code originally shipped inside mdex (in native/comrak_nif/src/lumis_adapter.rs) and was later extracted into the separate mdex_native package (native/mdex_native_nif/src/lumis_adapter.rs), where it remains unpatched.\n\nThis issue affects mdex from 0.11.0 before 0.12.3, and mdex_native from 0.1.0 before 0.2.3."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"leandrocp","product":"mdex","defaultStatus":"unaffected","collectionURL":"https://repo.hex.pm","packageName":"mdex","cpes":["cpe:2.3:a:leandrocp:mdex:*:*:*:*:*:*:*:*"],"modules":["'Elixir.MDEx'","comrak_nif"],"programFiles":["native/comrak_nif/src/lumis_adapter.rs"],"programRoutines":[{"name":"comrak_nif::lumis_adapter::LumisAdapter::parse_highlight_lines"},{"name":"'Elixir.MDEx':to_html/2"}],"repo":"https://github.com/leandrocp/mdex","packageURL":"pkg:hex/mdex","versions":[{"version":"0.11.0","lessThan":"0.12.3","versionType":"semver","status":"affected"}]},{"vendor":"leandrocp","product":"mdex","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"leandrocp/mdex","cpes":["cpe:2.3:a:leandrocp:mdex:*:*:*:*:*:*:*:*"],"modules":["'Elixir.MDEx'","comrak_nif"],"programFiles":["native/comrak_nif/src/lumis_adapter.rs"],"programRoutines":[{"name":"comrak_nif::lumis_adapter::LumisAdapter::parse_highlight_lines"},{"name":"'Elixir.MDEx':to_html/2"}],"repo":"https://github.com/leandrocp/mdex","packageURL":"pkg:github/leandrocp/mdex","versions":[{"version":"a8407611715d1ead35fbcba79c72cef1b7df387b","lessThan":"6ed94d905f97af188323f042698ae841c02293b4","versionType":"git","status":"affected"}]},{"vendor":"leandrocp","product":"mdex_native","defaultStatus":"unaffected","collectionURL":"https://repo.hex.pm","packageName":"mdex_native","cpes":["cpe:2.3:a:leandrocp:mdex_native:*:*:*:*:*:*:*:*"],"modules":["'Elixir.MDExNative.Comrak'","mdex_native_nif"],"programFiles":["native/mdex_native_nif/src/lumis_adapter.rs"],"programRoutines":[{"name":"mdex_native_nif::lumis_adapter::LumisAdapter::parse_highlight_lines"},{"name":"'Elixir.MDExNative.Native':document_to_html_with_options/2"},{"name":"'Elixir.MDExNative.Comrak':document_to_html/2"}],"repo":"https://github.com/leandrocp/mdex_native","packageURL":"pkg:hex/mdex_native","versions":[{"version":"0.1.0","lessThan":"0.2.3","versionType":"semver","status":"affected"}]},{"vendor":"leandrocp","product":"mdex_native","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"leandrocp/mdex_native","cpes":["cpe:2.3:a:leandrocp:mdex_native:*:*:*:*:*:*:*:*"],"modules":["'Elixir.MDExNative.Comrak'","mdex_native_nif"],"programFiles":["native/mdex_native_nif/src/lumis_adapter.rs"],"programRoutines":[{"name":"mdex_native_nif::lumis_adapter::LumisAdapter::parse_highlight_lines"},{"name":"'Elixir.MDExNative.Native':document_to_html_with_options/2"},{"name":"'Elixir.MDExNative.Comrak':document_to_html/2"}],"repo":"https://github.com/leandrocp/mdex_native","packageURL":"pkg:github/leandrocp/mdex_native","versions":[{"version":"956528c5e31746253347029e810a969ab916fd27","lessThan":"798a363b4339f6f7162ec8437c4c9f9b5ae6fbf3","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T19:17:11.005816Z","id":"CVE-2026-53428","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-789"}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-53428.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/leandrocp/mdex_native/commit/798a363b4339f6f7162ec8437c4c9f9b5ae6fbf3","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/leandrocp/mdex_native/security/advisories/GHSA-j93q-9cvj-rxfm","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-53428","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"}]}},{"cve":{"id":"CVE-2026-13008","sourceIdentifier":"security@wordfence.com","published":"2026-06-29T20:17:32.827","lastModified":"2026-06-29T20:17:32.827","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-57700. Reason: This candidate is a reservation duplicate of CVE-2026-57700. Notes: All CVE users should reference CVE-2026-57700 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."}],"metrics":{},"references":[]}}]}