{"resultsPerPage":192,"startIndex":0,"totalResults":192,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-12T00:11:06.446","vulnerabilities":[{"cve":{"id":"CVE-2018-10902","sourceIdentifier":"secalert@redhat.com","published":"2018-08-21T19:29:00.220","lastModified":"2026-07-07T15:16:40.793","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation."},{"lang":"es","value":"Se ha detectado que el controlador del kernel midi raw no protege contra el acceso concurrente, lo que conduce a un doble realloc (doble liberación) en snd_rawmidi_input_params() y snd_rawmidi_output_status(), que son parte del manipulador snd_rawmidi_ioctl() en el archivo rawmidi.c. Un atacante local malicioso podría utilizarlo para escalar privilegios."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"affected","versions":[{"version":"3.16.58","lessThan":"3.16.*","versionType":"semver","status":"unaffected"},{"version":"3.18.117","lessThan":"3.18.*","versionType":"semver","status":"unaffected"},{"version":"4.4.144","lessThan":"4.4.*","versionType":"semver","status":"unaffected"},{"version":"4.9.115","lessThan":"4.9.*","versionType":"semver","status":"unaffected"},{"version":"4.14.100","lessThan":"4.14.*","versionType":"semver","status":"unaffected"},{"version":"4.17.10","lessThan":"4.17.*","versionType":"semver","status":"unaffected"},{"version":"4.18","lessThan":"*","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","matchCriteriaId":"8D305F7A-D159-4716-AB26-5E38BB5CD991"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","matchCriteriaId":"B5A6F2F3-4894-4392-8296-3B8DD2679084"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","matchCriteriaId":"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"},{"vulnerable":true,"criteria":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","matchCriteriaId":"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","matchCriteriaId":"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","matchCriteriaId":"33C068A4-3780-4EAB-A937-6082DF847564"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","matchCriteriaId":"9BBCD86A-E6C7-4444-9D74-F861084090F0"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","matchCriteriaId":"51EF4996-72F4-4FA4-814F-F5991E7A8318"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","matchCriteriaId":"E5ED5807-55B7-47C5-97A6-03233F4FBC3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","matchCriteriaId":"825ECE2D-E232-46E0-A047-074B34DB1E97"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/105119","source":"secalert@redhat.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041529","source":"secalert@redhat.com","tags":["Patch","Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:3083","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:3096","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:0415","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:0641","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3217","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2019:3967","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10902","source":"secalert@redhat.com","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=39675f7a7c7e7702f7d5341f1e0d01db746543a0","source":"secalert@redhat.com","tags":["Patch","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3776-1/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3776-2/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3847-1/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3847-2/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3847-3/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3849-1/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3849-2/","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4308","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/105119","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1041529","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:3083","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2018:3096","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:0415","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:0641","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3217","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2019:3967","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10902","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=39675f7a7c7e7702f7d5341f1e0d01db746543a0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3776-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3776-2/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3847-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3847-2/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3847-3/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3849-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://usn.ubuntu.com/3849-2/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2018/dsa-4308","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-45815","sourceIdentifier":"security-advisories@github.com","published":"2023-10-19T22:15:10.407","lastModified":"2026-07-07T14:16:26.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ArchiveBox is an open source self-hosted web archiving system. Any users who are using the `wget` extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to target your ArchiveBox instance. Malicious Javascript could potentially act using your logged-in admin credentials and add/remove/modify snapshots, add/remove/modify ArchiveBox users, and generally do anything an admin user could do. The impact is less severe for non-logged-in users, as malicious Javascript cannot *modify* any archives, but it can still *read* all the other archived content by fetching the snapshot index and iterating through it. Because all of ArchiveBox's archived content is served from the same host and port as the admin panel, when archived pages are viewed the JS executes in the same context as all the other archived pages (and the admin panel), defeating most of the browser's usual CORS/CSRF security protections and leading to this issue. Version 0.9.0 contains a patch. As a mitigation for this issue would be to disable the wget extractor by setting `archivebox config --set SAVE_WGET=False`, ensure you are always logged out, or serve only a [static HTML version](https://github.com/ArchiveBox/ArchiveBox/wiki/Publishing-Your-Archive#2-export-and-host-it-as-static-html) of your archive."},{"lang":"es","value":"ArchiveBox es un sistema de archivo web autohospedado de código abierto. Cualquier usuario que esté utilizando el extractor `wget` y vea el contenido que genera. El impacto es potencialmente grave si inicia sesión en el sitio de administración de ArchiveBox en la misma sesión del navegador y ve una página maliciosa archivada diseñada para apuntar a su instancia de ArchiveBox. Javascript malicioso podría potencialmente actuar utilizando sus credenciales de administrador iniciadas y agregar/eliminar/modificar instantáneas, agregar/eliminar/modificar usuarios de ArchiveBox y, en general, hacer cualquier cosa que un usuario administrador pueda hacer. El impacto es menos severo para los usuarios que no han iniciado sesión, ya que Javascript malicioso no puede *modificar* ningún archivo, pero aún puede *leer* todo el resto del contenido archivado al obtener el índice de la instantánea y recorrerlo en iteración. Debido a que todo el contenido archivado de ArchiveBox se sirve desde el mismo host y puerto que el panel de administración, cuando se ven las páginas archivadas, JS se ejecuta en el mismo contexto que todas las demás páginas archivadas (y el panel de administración), anulando la mayoría de las funciones habituales del navegador. Protecciones de seguridad CORS/CSRF y lo que lleva a este problema. Se está desarrollando un parche en https://github.com/ArchiveBox/ArchiveBox/issues/239. Como mitigación para este problema, sería deshabilitar el extractor de wget configurando `archivebox config --set SAVE_WGET=False`, asegurarse de estar siempre desconectado o servir solo una [versión HTML estática] (https://github.com /ArchiveBox/ArchiveBox/wiki/Publishing-Your-Archive#2-export-and-host-it-as-static-html) de su archivo."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"ArchiveBox","product":"ArchiveBox","versions":[{"version":"< 0.9.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-12T17:50:22.528558Z","id":"CVE-2023-45815","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:archivebox:archivebox:*:*:*:*:*:*:*:*","versionEndIncluding":"0.6.2","matchCriteriaId":"7E721DF1-19BE-4E74-AAD8-C2C26FB0B887"}]}]}],"references":[{"url":"https://en.wikipedia.org/wiki/Cross-site_request_forgery","source":"security-advisories@github.com"},{"url":"https://github.com/ArchiveBox/ArchiveBox#caveats","source":"security-advisories@github.com"},{"url":"https://github.com/ArchiveBox/ArchiveBox/commit/a6548df8d0aae1d3d326deb1191b128232708166","source":"security-advisories@github.com"},{"url":"https://github.com/ArchiveBox/ArchiveBox/issues/239","source":"security-advisories@github.com","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/ArchiveBox/ArchiveBox/pull/1773","source":"security-advisories@github.com"},{"url":"https://github.com/ArchiveBox/ArchiveBox/security/advisories/GHSA-cr45-98w9-gwqx","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]},{"url":"https://github.com/ArchiveBox/ArchiveBox/wiki/Configuration#save_wget","source":"security-advisories@github.com"},{"url":"https://github.com/ArchiveBox/ArchiveBox/wiki/Publishing-Your-Archive#2-export-and-host-it-as-static-html","source":"security-advisories@github.com"},{"url":"https://github.com/ArchiveBox/ArchiveBox/wiki/Publishing-Your-Archive#security-concerns","source":"security-advisories@github.com"},{"url":"https://github.com/ArchiveBox/ArchiveBox/wiki/Security-Overview","source":"security-advisories@github.com"},{"url":"https://github.com/pypa/advisory-database/tree/main/vulns/archivebox/PYSEC-2023-229.yaml","source":"security-advisories@github.com"},{"url":"https://github.com/ArchiveBox/ArchiveBox/issues/239","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/ArchiveBox/ArchiveBox/security/advisories/GHSA-cr45-98w9-gwqx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-43590","sourceIdentifier":"secure@microsoft.com","published":"2024-10-08T18:15:26.913","lastModified":"2026-07-07T15:55:16.167","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Visual C++ Redistributable Installer Elevation of Privilege Vulnerability"},{"lang":"es","value":"Vulnerabilidad de elevación de privilegios en el instalador redistribuible de Visual C++"}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)","versions":[{"version":"15.9.0","lessThan":"15.9.67","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)","versions":[{"version":"16.11.0","lessThan":"16.11.41","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.10","versions":[{"version":"17.10","lessThan":"17.10.8","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.11","versions":[{"version":"17.11","lessThan":"17.11.5","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.6","versions":[{"version":"17.6.0","lessThan":"17.6.20","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Visual Studio 2022 version 17.8","versions":[{"version":"17.8.0","lessThan":"17.8.15","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Visual C++ Redistributable Installer","versions":[{"version":"10.0.0","lessThan":"14.40.33816","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-08T18:34:14.182011Z","id":"CVE-2024-43590","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_c\\+\\+_redistributable:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"14.40.33816","matchCriteriaId":"05C4FCAA-8638-476C-A60F-C1FE9922D613"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0","versionEndExcluding":"15.9.67","matchCriteriaId":"00680F8D-9858-4706-8888-4130E4CDA76B"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0","versionEndExcluding":"15.9.67","matchCriteriaId":"1915924B-3EB6-4EF4-9DC8-31A98C858ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0","versionEndExcluding":"16.11.41","matchCriteriaId":"111ACA28-0E8E-4F6D-BE67-F2E0703BC33F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*","versionStartIncluding":"17.6.0","versionEndExcluding":"17.6.20","matchCriteriaId":"18D2A92E-FB5F-4892-A7EF-0DBD26281248"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*","versionStartIncluding":"17.8.0","versionEndExcluding":"17.8.15","matchCriteriaId":"34609790-24EF-448C-8AED-9BF831D73629"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*","versionStartIncluding":"17.10.0","versionEndExcluding":"17.10.8","matchCriteriaId":"480AA116-1C38-4778-A84D-321278AEC747"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*","versionStartIncluding":"17.11.0","versionEndExcluding":"17.11.5","matchCriteriaId":"AD8D6C06-D7AB-4E82-AAD6-4240603B6AC6"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43590","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-54216","sourceIdentifier":"audit@patchstack.com","published":"2024-12-06T14:15:26.633","lastModified":"2026-07-07T12:16:25.833","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Path Traversal: '.../...//' vulnerability in reputeinfosystems ARForms allows Path Traversal.\n\nThis issue affects ARForms: from n/a before 7.0.2."},{"lang":"es","value":"La vulnerabilidad de path traversal en NotFound ARForms permite el path traversal. Este problema afecta a ARForms: desde n/a hasta 6.4.1."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"reputeinfosystems","product":"ARForms","defaultStatus":"unaffected","versions":[{"version":"n/a","lessThan":"7.0.2","versionType":"custom","status":"affected","changes":[{"at":"7.0.2","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-06T16:22:22.639170Z","id":"CVE-2024-54216","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-35"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:reputeinfosystems:arforms:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"6.4.1","matchCriteriaId":"4DA88C3B-0C6A-4889-9114-4A1DE8661427"}]}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/arforms/vulnerability/wordpress-arforms-plugin-6-4-1-subscriber-arbitrary-file-read-vulnerability?_s_id=cve","source":"audit@patchstack.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-49795","sourceIdentifier":"secalert@redhat.com","published":"2025-06-16T16:15:19.203","lastModified":"2026-07-07T13:16:28.003","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service."},{"lang":"es","value":"Se detectó una vulnerabilidad de desreferencia de puntero nulo en libxml2 al procesar expresiones XML XPath. Esta falla permite a un atacante manipular una entrada XML maliciosa en libxml2, lo que provoca una denegación de servicio."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"GNOME","product":"libxml2","defaultStatus":"unaffected","repo":"https://gitlab.gnome.org/GNOME/libxml2/","versions":[{"version":"2.10.0","lessThan":"2.14.5","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"versions":[{"version":"0:2.12.5-7.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services 2.4.62.SP2","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libxml2-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"2.15.2-0.3.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]},{"source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM RST2428P","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V4.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-16T15:30:23.392664Z","id":"CVE-2025-49795","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-825"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:10630","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:19020","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:7519","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-49795","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372379","source":"secalert@redhat.com"},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/932","source":"secalert@redhat.com"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-253495.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}},{"cve":{"id":"CVE-2026-29049","sourceIdentifier":"security-advisories@github.com","published":"2026-03-06T07:16:02.093","lastModified":"2026-07-07T14:16:29.857","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"melange allows users to build apk packages using declarative pipelines. In version 0.40.5 and prior, melange update-cache downloads URIs from build configs via io.Copy without any size limit or HTTP client timeout (pkg/renovate/cache/cache.go). An attacker-controlled URI in a melange config can cause unbounded disk writes, exhausting disk on the build runne. Version 0.43.4 contains a patch."},{"lang":"es","value":"melange permite a los usuarios construir paquetes apk utilizando pipelines declarativos. En la versión 0.40.5 y anteriores, melange update-cache descarga URIs de configuraciones de compilación a través de io.Copy sin ningún límite de tamaño o tiempo de espera del cliente HTTP (pkg/renovate/cache/cache.go). Una URI controlada por un atacante en una configuración de melange puede causar escrituras de disco ilimitadas, agotando el disco en el ejecutor de compilación. No hay ningún parche conocido disponible públicamente."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"chainguard-dev","product":"melange","versions":[{"version":"< 0.43.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-09T20:00:02.881191Z","id":"CVE-2026-29049","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chainguard:melange:*:*:*:*:*:go:*:*","versionEndIncluding":"0.40.5","matchCriteriaId":"03E019F3-C40D-4A30-9A0C-8B4CC7D2FF8A"}]}]}],"references":[{"url":"https://github.com/chainguard-dev/melange/commit/652ca5af08588f78e2d405e64b058fac8398d23f","source":"security-advisories@github.com"},{"url":"https://github.com/chainguard-dev/melange/pull/2379","source":"security-advisories@github.com"},{"url":"https://github.com/chainguard-dev/melange/releases/tag/v0.43.4","source":"security-advisories@github.com"},{"url":"https://github.com/chainguard-dev/melange/security/advisories/GHSA-7rp8-r62p-q6wc","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-26740","sourceIdentifier":"cve@mitre.org","published":"2026-03-18T18:16:26.220","lastModified":"2026-07-07T12:16:34.273","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size."},{"lang":"es","value":"Vulnerabilidad de desbordamiento de búfer en giflib v.5.2.2 permite a un atacante remoto causar una denegación de servicio a través de EGifGCBToExtension sobrescribiendo un bloque de extensión de control gráfico existente sin validar su tamaño asignado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat build of OpenJDK 1.8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openjdk:1.8"]},{"vendor":"Red Hat","product":"Red Hat build of OpenJDK 11 ELS","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openjdk_els:11"]},{"vendor":"Red Hat","product":"Red Hat build of OpenJDK 17","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openjdk:17"]},{"vendor":"Red Hat","product":"Red Hat build of OpenJDK 21","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openjdk:21"]},{"vendor":"Red Hat","product":"Red Hat build of OpenJDK 25","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openjdk:25"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-18T18:43:32.619695Z","id":"CVE-2026-26740","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:giflib_project:giflib:5.2.2:*:*:*:*:*:*:*","matchCriteriaId":"CC3B1EB3-6B22-4CA4-8BBA-7AB8A754FAB2"}]}]}],"references":[{"url":"https://github.com/zakkanijia/POC/blob/main/giflib/giftool/giflib_giftool_gce_len_heap_oobwrite_disclosure.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:33447","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33450","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33451","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33452","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33455","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33456","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33501","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33502","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33503","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33509","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-26740","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448747","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26740.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2025-67030","sourceIdentifier":"cve@mitre.org","published":"2026-03-25T18:16:25.880","lastModified":"2026-07-07T12:16:27.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code"},{"lang":"es","value":"Vulnerabilidad de salto de directorio en el método extractFile de org.codehaus.plexus.util.Expand en plexus-utils anterior a 6d780b3378829318ba5c2d29547e0012d5b29642. Esto permite a un atacante ejecutar código arbitrario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat JBoss EAP 8.1 for RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"]},{"vendor":"Red Hat","product":"Red Hat JBoss EAP 8.1 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_spring_boot:4.18"]},{"vendor":"Red Hat","product":"Red Hat build of Quarkus 3.20.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:quarkus:3.20::el8"]},{"vendor":"Red Hat","product":"Red Hat build of Quarkus 3.27.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:quarkus:3.27::el8"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_registry:2"]},{"vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:apicurio_registry:3"]},{"vendor":"Red Hat","product":"Red Hat build of Debezium 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:debezium:3"]},{"vendor":"Red Hat","product":"Red Hat Data Grid 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_data_grid:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_fuse:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"affected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat Single Sign-On 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:2"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat AMQ Clients","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_clients:2023"]},{"vendor":"Red Hat","product":"Red Hat build of Quarkus Native builder","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:quarkus:3"]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 5","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:5"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 6","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:6"]},{"vendor":"Red Hat","product":"Red Hat Process Automation 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_streams:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-27T19:33:16.549505Z","id":"CVE-2025-67030","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:codehaus-plexus:plexus-utils:*:*:*:*:*:*:*:*","versionEndExcluding":"3.6.1","matchCriteriaId":"642FD06A-559F-4234-BCC3-63AFFD47A41C"},{"vulnerable":true,"criteria":"cpe:2.3:a:codehaus-plexus:plexus-utils:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.0.3","matchCriteriaId":"29C552CC-D882-4EDF-AF4B-7AA02D7B70AE"}]}]}],"references":[{"url":"https://gist.github.com/weaver4VD/3216dac645220f8c9b488362f61241ec","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/codehaus-plexus/plexus-utils/commit/6d780b3378829318ba5c2d29547e0012d5b29642","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://github.com/codehaus-plexus/plexus-utils/issues/294","source":"cve@mitre.org","tags":["Issue Tracking"]},{"url":"https://github.com/codehaus-plexus/plexus-utils/pull/295","source":"cve@mitre.org","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/codehaus-plexus/plexus-utils/pull/296","source":"cve@mitre.org","tags":["Issue Tracking","Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:17668","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:18054","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:18055","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:18059","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35990","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35991","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35992","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35996","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35997","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36012","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7109","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7380","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2025-67030","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451409","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-67030.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-2100","sourceIdentifier":"secalert@redhat.com","published":"2026-03-26T21:17:04.247","lastModified":"2026-07-07T15:16:43.333","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potentially resulting in a NULL dereference or undefined behavior. This issue may cause an application level denial of service or other unpredictable system states."},{"lang":"es","value":"Se encontró una falla en p11-kit. Un atacante remoto podría explotar esta vulnerabilidad al llamar a la función C_DeriveKey en un token remoto con parámetros específicos del mecanismo de derivación IBM kyber o IBM btc establecidos en NULL. Esto podría llevar al cliente RPC intentando devolver un valor no inicializado, resultando potencialmente en una desreferencia NULL o comportamiento indefinido. Este problema puede causar una denegación de servicio a nivel de aplicación o a otros estados impredecibles del sistema."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"p11-glue","product":"p11-kit","defaultStatus":"unaffected","repo":"https://github.com/p11-glue/p11-kit","versions":[{"version":"0","lessThan":"0.26.2","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"p11-kit","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:0.26.2-1.el10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"p11-kit","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:0.26.2-1.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"p11-kit","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:0.26.2-1.el9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Cost Management 4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"costmanagement/costmanagement-metrics-rhel9-operator","cpes":["cpe:/a:redhat:cost_management:4::el9"],"versions":[{"version":"1780946239","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"p11-kit-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"0.26.2-1.1.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"insights-proxy/insights-proxy-container-rhel9","cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"],"versions":[{"version":"1780420428","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/cds-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1779798159","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/haproxy-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1779798164","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/installer-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1779798165","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/rhua-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1779798222","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"p11-kit","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"p11-kit","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"p11-kit","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-26T20:30:34.453809Z","id":"CVE-2026-2100","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-824"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:p11-kit_project:p11-kit:-:*:*:*:*:*:*:*","matchCriteriaId":"EC8CB498-F5D5-4AB6-B33E-404C80966280"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*","matchCriteriaId":"87DEB507-5B64-47D7-9A50-3B87FD1E571F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:18143","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:18599","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:21275","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:22634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:27998","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:7065","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-2100","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437308","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://github.com/p11-glue/p11-kit/pull/740","source":"secalert@redhat.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/p11-glue/p11-kit/releases/tag/0.26.2","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-35386","sourceIdentifier":"cve@mitre.org","published":"2026-04-02T17:16:27.623","lastModified":"2026-07-07T15:55:29.950","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenBSD","product":"OpenSSH","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"10.3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":3.6,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-02T00:00:00+00:00","id":"CVE-2026-35386","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-696"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0","versionEndExcluding":"10.3","matchCriteriaId":"BED65747-09B7-4705-8C8C-6C1ECEDA4CC6"}]}]}],"references":[{"url":"https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.openssh.org/releasenotes.html#10.3p1","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openwall.com/lists/oss-security/2026/04/02/3","source":"cve@mitre.org","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-34755","sourceIdentifier":"security-advisories@github.com","published":"2026-04-06T16:16:36.463","lastModified":"2026-07-07T12:16:38.903","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"vLLM is an inference and serving engine for large language models (LLMs). From 0.7.0 to before 0.19.0, the VideoMediaIO.load_base64() method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The num_frames parameter (default: 32), which is enforced by the load_bytes() code path, is completely bypassed in the video/jpeg base64 path. An attacker can send a single API request containing thousands of comma-separated base64-encoded JPEG frames, causing the server to decode all frames into memory and crash with OOM. This vulnerability is fixed in 0.19.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"vllm-project","product":"vllm","versions":[{"version":">= 0.7.0, < 0.19.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-06T18:36:13.854345Z","id":"CVE-2026-34755","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*:*","versionStartIncluding":"0.7.0","versionEndExcluding":"0.19.0","matchCriteriaId":"36E450C9-1DE7-4CEE-835B-FBE1D9F37704"}]}]}],"references":[{"url":"https://github.com/vllm-project/vllm/security/advisories/GHSA-pq5c-rjhq-qp7p","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-34755","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455403","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34755.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-34756","sourceIdentifier":"security-advisories@github.com","published":"2026-04-06T16:16:36.610","lastModified":"2026-07-07T12:16:39.163","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.19.0, a Denial of Service vulnerability exists in the vLLM OpenAI-compatible API server. Due to the lack of an upper bound validation on the n parameter in the ChatCompletionRequest and CompletionRequest Pydantic models, an unauthenticated attacker can send a single HTTP request with an astronomically large n value. This completely blocks the Python asyncio event loop and causes immediate Out-Of-Memory crashes by allocating millions of request object copies in the heap before the request even reaches the scheduling queue. This vulnerability is fixed in 0.19.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"vllm-project","product":"vllm","versions":[{"version":">= 0.1.0, < 0.19.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-07T14:16:25.517505Z","id":"CVE-2026-34756","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*:*","versionStartIncluding":"0.1.0","versionEndExcluding":"0.19.0","matchCriteriaId":"E0C114ED-3459-4A6D-A572-812A9F3BF777"}]}]}],"references":[{"url":"https://github.com/vllm-project/vllm/commit/b111f8a61f100fdca08706f41f29ef3548de7380","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/vllm-project/vllm/pull/37952","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/vllm-project/vllm/security/advisories/GHSA-3mwp-wvh9-7528","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-34756","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455425","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34756.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-34982","sourceIdentifier":"security-advisories@github.com","published":"2026-04-06T16:16:38.777","lastModified":"2026-07-07T12:16:39.413","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The `complete`, `guitabtooltip` and `printheader` options are missing the `P_MLE` flag, allowing a modeline to be executed. Additionally, the `mapset()` function lacks a `check_secure()` call, allowing it to be abused from sandboxed expressions. Commit 9.2.0276 fixes the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"vim","product":"vim","versions":[{"version":"< 9.2.0276","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.3::el9"]},{"vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhui:5::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.8},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-06T00:00:00+00:00","id":"CVE-2026-34982","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*","versionEndExcluding":"9.2.0276","matchCriteriaId":"B64DB9F0-F10B-40FA-A094-9178E5991FFF"}]}]}],"references":[{"url":"https://github.com/vim/vim/commit/75661a66a1db1e1f3f1245c615","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/vim/vim/releases/tag/v9.2.0276","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/vim/vim/security/advisories/GHSA-8h6p-m6gr-mpw9","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/01/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:11389","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11509","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11510","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19073","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19224","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21275","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22634","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28049","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28050","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28133","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30078","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30087","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30088","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30089","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30900","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33453","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34476","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34477","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-34982","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455400","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34982.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2025-31991","sourceIdentifier":"psirt@hcl.com","published":"2026-04-13T16:16:24.110","lastModified":"2026-07-07T17:59:01.717","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Rate Limiting for attempting a user login is not being properly enforced, making HCL DevOps Velocity susceptible to brute-force attacks past the unsuccessful login attempt limit.  This vulnerability is fixed in 5.1.7."}],"affected":[{"source":"psirt@hcl.com","affectedData":[{"vendor":"HCLSoftware","product":"Velocity","defaultStatus":"unaffected","versions":[{"version":"<.5.1.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-13T17:07:08.674988Z","id":"CVE-2025-31991","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@hcl.com","type":"Secondary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:devops_velocity:*:*:*:*:*:*:*:*","versionEndExcluding":"5.1.7","matchCriteriaId":"A0B08191-79B5-4DB6-AE9B-43F5D6062A07"}]}]}],"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130138","source":"psirt@hcl.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-33845","sourceIdentifier":"secalert@redhat.com","published":"2026-04-30T18:16:28.003","lastModified":"2026-07-07T12:16:37.817","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.com/gnutls/gnutls","packageName":"gnutls","versions":[{"version":"0","lessThan":"3.8.13","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:3.8.10-4.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:3.8.9-9.el10_0.19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:3.3.29-9.el7_9.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream","cpe:/o:redhat:rhel_e4s:9.4::baseos"],"versions":[{"version":"0:3.8.3-4.el9_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/o:redhat:rhel_eus:9.6::baseos"],"versions":[{"version":"0:3.8.3-6.el9_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/model-opt-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951051","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951012","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-rocm-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951244","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782159791","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-ui-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782166952","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"gnutls-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"3.8.13-1.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/cds-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525684","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/haproxy-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525671","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/installer-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525693","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/rhua-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525739","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:discovery:2::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhui:5::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-30T18:40:18.586755Z","id":"CVE-2026-33845","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-191"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-191"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:gnutls:-:*:*:*:*:*:*:*","matchCriteriaId":"33A22858-21E1-479F-A9C4-AD2EFD059B93"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:13274","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:34372","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33845","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450624","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:13274","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34372","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33845","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450624","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33845.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-33846","sourceIdentifier":"secalert@redhat.com","published":"2026-05-04T10:15:59.690","lastModified":"2026-07-07T12:16:38.380","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:3.8.10-4.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:3.8.9-9.el10_0.19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:3.3.29-9.el7_9.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream","cpe:/o:redhat:rhel_e4s:9.4::baseos"],"versions":[{"version":"0:3.8.3-4.el9_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/o:redhat:rhel_eus:9.6::baseos"],"versions":[{"version":"0:3.8.3-6.el9_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/model-opt-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951051","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951012","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-rocm-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951244","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782159791","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-ui-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782166952","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"gnutls-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"3.8.13-1.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/cds-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525684","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/haproxy-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525671","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/installer-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525693","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/rhua-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525739","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:discovery:2::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhui:5::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-04T12:46:44.977536Z","id":"CVE-2026-33846","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-130"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-130"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:13274","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:34372","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33846","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450625","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:13274","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34372","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33846","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450625","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33846.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-43329","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-08T14:16:42.520","lastModified":"2026-07-07T12:16:47.147","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: strictly check for maximum number of actions\n\nThe maximum number of flowtable hardware offload actions in IPv6 is:\n\n* ethernet mangling (4 payload actions, 2 for each ethernet address)\n* SNAT (4 payload actions)\n* DNAT (4 payload actions)\n* Double VLAN (4 vlan actions, 2 for popping vlan, and 2 for pushing)\n  for QinQ.\n* Redirect (1 action)\n\nWhich makes 17, while the maximum is 16. But act_ct supports for tunnels\nactions too. Note that payload action operates at 32-bit word level, so\nmangling an IPv6 address takes 4 payload actions.\n\nUpdate flow_action_entry_next() calls to check for the maximum number of\nsupported actions.\n\nWhile at it, rise the maximum number of actions per flow from 16 to 24\nso this works fine with IPv6 setups."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/netfilter/nf_flow_table_offload.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c29f74e0df7a02b8303bcdce93a7c0132d62577a","lessThan":"ead66c77303f760f6c30be96e2e20d5a77cef614","versionType":"git","status":"affected"},{"version":"c29f74e0df7a02b8303bcdce93a7c0132d62577a","lessThan":"fe9018d3e94329f1951b00805a8640bc06f56ead","versionType":"git","status":"affected"},{"version":"c29f74e0df7a02b8303bcdce93a7c0132d62577a","lessThan":"5382bb03e9c33b089d60788478b922a2dca284cc","versionType":"git","status":"affected"},{"version":"c29f74e0df7a02b8303bcdce93a7c0132d62577a","lessThan":"57c78bd2e2dd08897acd35b2bf8bcef322e36f5e","versionType":"git","status":"affected"},{"version":"c29f74e0df7a02b8303bcdce93a7c0132d62577a","lessThan":"504c9456699dcf4d15195ef34a0fa94a80bfc877","versionType":"git","status":"affected"},{"version":"c29f74e0df7a02b8303bcdce93a7c0132d62577a","lessThan":"879959a7a2be814dd57568655eafa3d8f4d0309e","versionType":"git","status":"affected"},{"version":"c29f74e0df7a02b8303bcdce93a7c0132d62577a","lessThan":"76522fcdbc3a02b568f5d957f7e66fc194abb893","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/netfilter/nf_flow_table_offload.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.5","status":"affected"},{"version":"0","lessThan":"5.5","versionType":"semver","status":"unaffected"},{"version":"5.15.203","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.168","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.134","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.81","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.22","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.12","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.15.203","matchCriteriaId":"CEB6F028-4BB7-4605-A744-94181E84FF0E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.168","matchCriteriaId":"E2DDDCA1-6DAB-4018-B920-8F045DDD8D3B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.134","matchCriteriaId":"F56F925B-BAF8-4F4B-B62F-1496AF19A307"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.81","matchCriteriaId":"6EF80433-B33B-43C5-8E64-0FA7B8DCE1BC"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.22","matchCriteriaId":"C9DF8BCE-36D3-475D-9D21-19E4F02F9029"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.12","matchCriteriaId":"0A2B9540-02D5-41B4-B16A-82AF66FD4F36"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*","matchCriteriaId":"F666C8D8-6538-46D4-B318-87610DE64C34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*","matchCriteriaId":"02259FDA-961B-47BC-AE7F-93D7EC6E90C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*","matchCriteriaId":"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*","matchCriteriaId":"1D2315C0-D46F-4F85-9754-F9E5E11374A6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/504c9456699dcf4d15195ef34a0fa94a80bfc877","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5382bb03e9c33b089d60788478b922a2dca284cc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/57c78bd2e2dd08897acd35b2bf8bcef322e36f5e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/76522fcdbc3a02b568f5d957f7e66fc194abb893","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/879959a7a2be814dd57568655eafa3d8f4d0309e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ead66c77303f760f6c30be96e2e20d5a77cef614","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fe9018d3e94329f1951b00805a8640bc06f56ead","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:23329","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26427","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26428","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27713","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30848","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33215","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33899","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33900","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34094","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34095","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35863","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35896","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-43329","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2468124","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-43329.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-8450","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-05-27T05:16:23.067","lastModified":"2026-07-07T12:17:03.940","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file().\n\nsend_file() opens its string argument with Perl's 2-arg open(). The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, '> path' and '>> path' open the path for write or append.\n\nUntrusted input passed to send_file() can run OS commands at the daemon process UID. The read-pipe form ('cmd |') also leaks subprocess stdout into the HTTP response body. The write-mode forms can create or truncate files at attacker chosen paths."}],"affected":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","affectedData":[{"vendor":"OALDERS","product":"HTTP::Daemon","defaultStatus":"unaffected","collectionURL":"https://cpan.org/modules","packageName":"HTTP-Daemon","programFiles":["lib/HTTP/Daemon.pm"],"programRoutines":[{"name":"HTTP::Daemon::ClientConn::send_file"}],"repo":"https://github.com/libwww-perl/HTTP-Daemon","versions":[{"version":"0","lessThan":"6.17","versionType":"custom","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-27T15:46:44.248133Z","id":"CVE-2026-8450","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-73"},{"lang":"en","value":"CWE-78"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/libwww-perl/HTTP-Daemon/commit/945d35141d94490f749640bd4390acd6a2193995.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://github.com/libwww-perl/HTTP-Daemon/pull/89","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://metacpan.org/release/OALDERS/HTTP-Daemon-6.17/changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"http://www.openwall.com/lists/oss-security/2026/05/27/5","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2026/06/msg00028.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2026:36187","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36188","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36189","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-8450","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481773","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-8450.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-45852","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-27T14:16:57.193","lastModified":"2026-07-07T12:16:51.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix double free in rxe_srq_from_init\n\nIn rxe_srq_from_init(), the queue pointer 'q' is assigned to\n'srq->rq.queue' before copying the SRQ number to user space.\nIf copy_to_user() fails, the function calls rxe_queue_cleanup()\nto free the queue, but leaves the now-invalid pointer in\n'srq->rq.queue'.\n\nThe caller of rxe_srq_from_init() (rxe_create_srq) eventually\ncalls rxe_srq_cleanup() upon receiving the error, which triggers\na second rxe_queue_cleanup() on the same memory, leading to a\ndouble free.\n\nThe call trace looks like this:\n   kmem_cache_free+0x.../0x...\n   rxe_queue_cleanup+0x1a/0x30 [rdma_rxe]\n   rxe_srq_cleanup+0x42/0x60 [rdma_rxe]\n   rxe_elem_release+0x31/0x70 [rdma_rxe]\n   rxe_create_srq+0x12b/0x1a0 [rdma_rxe]\n   ib_create_srq_user+0x9a/0x150 [ib_core]\n\nFix this by moving 'srq->rq.queue = q' after copy_to_user."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/infiniband/sw/rxe/rxe_srq.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"aae0484e15f062ad2c2502e68e15dfb8b8f84608","lessThan":"b98ab5494dbd48652561aa0b9c32f10500220745","versionType":"git","status":"affected"},{"version":"aae0484e15f062ad2c2502e68e15dfb8b8f84608","lessThan":"d493e0bfc748a520c349d6c8791b262aa5ad2e4e","versionType":"git","status":"affected"},{"version":"aae0484e15f062ad2c2502e68e15dfb8b8f84608","lessThan":"9abff51163aa1bc275ec356f74fe976291860a7f","versionType":"git","status":"affected"},{"version":"aae0484e15f062ad2c2502e68e15dfb8b8f84608","lessThan":"26793db60925df1e88a29466813d586cbc190b8c","versionType":"git","status":"affected"},{"version":"aae0484e15f062ad2c2502e68e15dfb8b8f84608","lessThan":"ce6f8e007682f378279d4cf83b240f12d52c723b","versionType":"git","status":"affected"},{"version":"aae0484e15f062ad2c2502e68e15dfb8b8f84608","lessThan":"5c07aef09a121a4cd622a71eb0753a9e135c84a8","versionType":"git","status":"affected"},{"version":"aae0484e15f062ad2c2502e68e15dfb8b8f84608","lessThan":"26a9cfe12f4ffdeaa136f252478986fa5f397ddc","versionType":"git","status":"affected"},{"version":"aae0484e15f062ad2c2502e68e15dfb8b8f84608","lessThan":"0beefd0e15d962f497aad750b2d5e9c3570b66d1","versionType":"git","status":"affected"},{"version":"350703fae672d4d649c3562c199eab5ec9dc7c79","versionType":"git","status":"affected"},{"version":"4.19.86","lessThan":"4.20","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/infiniband/sw/rxe/rxe_srq.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.20","status":"affected"},{"version":"0","lessThan":"4.20","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.128","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.75","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.86","versionEndExcluding":"5.10.259","matchCriteriaId":"39478F4C-3B38-4564-871C-85BBCB40308B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.128","matchCriteriaId":"851E9353-6C09-4CC9-877E-E09DB164A3C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.75","matchCriteriaId":"BCE16369-98ED-41CF-8995-DFDC10B288D2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.14","matchCriteriaId":"BF463CB7-1F58-4607-B847-77ED23E4B9B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.4","matchCriteriaId":"672A3E79-EC03-479D-8503-361DFBDC8092"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0beefd0e15d962f497aad750b2d5e9c3570b66d1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/26793db60925df1e88a29466813d586cbc190b8c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/26a9cfe12f4ffdeaa136f252478986fa5f397ddc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5c07aef09a121a4cd622a71eb0753a9e135c84a8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9abff51163aa1bc275ec356f74fe976291860a7f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b98ab5494dbd48652561aa0b9c32f10500220745","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ce6f8e007682f378279d4cf83b240f12d52c723b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d493e0bfc748a520c349d6c8791b262aa5ad2e4e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:25120","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25121","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25217","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27713","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33899","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34094","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35863","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35896","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-45852","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482166","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45852.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46090","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-27T14:17:30.547","lastModified":"2026-07-07T12:16:52.327","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: aloop: Fix peer runtime UAF during format-change stop\n\nloopback_check_format() may stop the capture side when playback starts\nwith parameters that no longer match a running capture stream. Commit\n826af7fa62e3 (\"ALSA: aloop: Fix racy access at PCM trigger\") moved\nthe peer lookup under cable->lock, but the actual snd_pcm_stop() still\nruns after dropping that lock.\n\nA concurrent close can clear the capture entry from cable->streams[] and\ndetach or free its runtime while the playback trigger path still holds a\nstale peer substream pointer.\n\nKeep a per-cable count of in-flight peer stops before dropping\ncable->lock, and make free_cable() wait for those stops before\ndetaching the runtime. This preserves the existing behavior while\nmaking the peer runtime lifetime explicit."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["sound/drivers/aloop.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"597603d615d2b19a9e451d8cfac24372856a522d","lessThan":"83bd62fa9620ac98d5d694bde14c50f98c8e7189","versionType":"git","status":"affected"},{"version":"597603d615d2b19a9e451d8cfac24372856a522d","lessThan":"345c24b2bcf0923dfae1ab41497351c68214ff76","versionType":"git","status":"affected"},{"version":"597603d615d2b19a9e451d8cfac24372856a522d","lessThan":"03f52a9c170431e8f10e156b9dc0dae80b3e9198","versionType":"git","status":"affected"},{"version":"597603d615d2b19a9e451d8cfac24372856a522d","lessThan":"bdd9503c3d222d2735b56c7a8b4422ccf3de6e5c","versionType":"git","status":"affected"},{"version":"597603d615d2b19a9e451d8cfac24372856a522d","lessThan":"5d45e34bf001344e2966dabca1897561bbc9e913","versionType":"git","status":"affected"},{"version":"597603d615d2b19a9e451d8cfac24372856a522d","lessThan":"e5c33cdc6f402eab8abd36ecf436b22c9d3a8aff","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["sound/drivers/aloop.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.37","status":"affected"},{"version":"0","lessThan":"2.6.37","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-364"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.37","versionEndExcluding":"5.10.259","matchCriteriaId":"FDF693F3-8226-4C51-AFC4-6ABB2C88B2E8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.12.88","matchCriteriaId":"5580C6A4-7EEF-4B93-929B-7FBDBA90F554"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/03f52a9c170431e8f10e156b9dc0dae80b3e9198","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/345c24b2bcf0923dfae1ab41497351c68214ff76","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5d45e34bf001344e2966dabca1897561bbc9e913","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/83bd62fa9620ac98d5d694bde14c50f98c8e7189","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bdd9503c3d222d2735b56c7a8b4422ccf3de6e5c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e5c33cdc6f402eab8abd36ecf436b22c9d3a8aff","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:27353","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27354","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30848","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33215","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33685","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33899","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33900","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34094","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34095","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34443","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35863","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35896","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-46090","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481980","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46090.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46116","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-28T10:16:27.080","lastModified":"2026-07-07T12:16:52.660","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: defensively unhash xfrm_state lists in __xfrm_state_delete\n\nKASAN reproduces a slab-use-after-free in __xfrm_state_delete()'s\nhlist_del_rcu calls under syzkaller load on linux-6.12.y stable\n(reproduced on 6.12.47, also reachable via the same code path on\ntorvalds/master and on the ipsec tree). Nine unique signatures cluster\nin the xfrm_state lifecycle, the load-bearing one being:\n\n  BUG: KASAN: slab-use-after-free in __hlist_del include/linux/list.h:990 [inline]\n  BUG: KASAN: slab-use-after-free in hlist_del_rcu include/linux/rculist.h:516 [inline]\n  BUG: KASAN: slab-use-after-free in __xfrm_state_delete net/xfrm/xfrm_state.c\n  Write of size 8 at addr ffff8881198bcb70 by task kworker/u8:9/435\n\n  Workqueue: netns cleanup_net\n  Call Trace:\n   __hlist_del / hlist_del_rcu\n   __xfrm_state_delete\n   xfrm_state_delete\n   xfrm_state_flush\n   xfrm_state_fini\n   ops_exit_list\n   cleanup_net\n\nThe other observed signatures hit the same slab object from\n__xfrm_state_lookup, xfrm_alloc_spi, __xfrm_state_insert and an OOB\nwrite variant of __xfrm_state_delete, all on the byseq/byspi\nhash chains.\n\n__xfrm_state_delete() guards its byseq and byspi unhashes with\nvalue-based predicates:\n\n\tif (x->km.seq)\n\t\thlist_del_rcu(&x->byseq);\n\tif (x->id.spi)\n\t\thlist_del_rcu(&x->byspi);\n\nwhile everywhere else in the file (e.g. state_cache, state_cache_input)\nthe safer hlist_unhashed() check is used. xfrm_alloc_spi() sets\nx->id.spi = newspi inside xfrm_state_lock and then immediately inserts\ninto byspi, but a path that observes x->id.spi != 0 outside of\nxfrm_state_lock can still skip-or-hit the byspi unhash inconsistently\nwith whether x is actually on the list. The same holds for x->km.seq\nversus byseq, and the bydst/bysrc unhashes have no predicate at all,\nso a second __xfrm_state_delete() on the same object writes through\nLIST_POISON pprev.\n\nThe defensive change here:\n\n  - Use hlist_del_init_rcu() instead of hlist_del_rcu() on bydst,\n    bysrc, byseq and byspi so a second deletion is a no-op rather\n    than a write through LIST_POISON pprev. The byseq/byspi nodes\n    are already initialised in xfrm_state_alloc().\n  - Test hlist_unhashed() rather than the value predicate for\n    byseq/byspi, so the unhash decision tracks list state rather than\n    mutable scalar fields.\n\nEmpirical verification: applied this patch on top of v6.12.47, rebuilt,\nand re-ran the same syzkaller harness for 1h16m on a previously-crashy\nconfiguration that produced ~100 hits each of slab-use-after-free\nRead in xfrm_alloc_spi / Read in __xfrm_state_lookup / Write in\n__xfrm_state_delete. After the patch, 7.1M execs across 32 VMs at\n~1550 exec/sec produced zero xfrm_state UAF/OOB hits. /proc/slabinfo\nconfirms the xfrm_state slab is actively allocated and freed during\nthe run (~143 KiB resident), so the fuzzer is still exercising those\ncode paths -- they just no longer crash.\n\nReproduction:\n\n  - Linux 6.12.47 x86_64 + KASAN_GENERIC + KASAN_INLINE + KCOV\n  - syzkaller @ 746545b8b1e4c3a128db8652b340d3df90ce61db\n  - 32 QEMU/KVM VMs x 2 vCPU on AWS c5.metal bare metal\n  - 9 unique signatures collected in ~9h, all within xfrm_state\n    lifecycle"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/xfrm/xfrm_state.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"7b4dc3600e4877178ba94c7fbf7e520421378aa6","lessThan":"3943fcad7694a7d0b15aeabe7d3cc2a2eb8e92e8","versionType":"git","status":"affected"},{"version":"7b4dc3600e4877178ba94c7fbf7e520421378aa6","lessThan":"2c617848ae6e4f07a3e397f604208c293bbecacc","versionType":"git","status":"affected"},{"version":"7b4dc3600e4877178ba94c7fbf7e520421378aa6","lessThan":"b4a53add2fa8f1b5aa17d4c5686c320785fab182","versionType":"git","status":"affected"},{"version":"7b4dc3600e4877178ba94c7fbf7e520421378aa6","lessThan":"26edb0a3c99f9d958c212be68b21f1221614dcf0","versionType":"git","status":"affected"},{"version":"7b4dc3600e4877178ba94c7fbf7e520421378aa6","lessThan":"4980162de555cb838f1a189ce7d2cbf5d2e7b050","versionType":"git","status":"affected"},{"version":"7b4dc3600e4877178ba94c7fbf7e520421378aa6","lessThan":"a2e2d08fb070fab4947447171f1c4e3ca5a188e5","versionType":"git","status":"affected"},{"version":"7b4dc3600e4877178ba94c7fbf7e520421378aa6","lessThan":"14acf9652e5690de3c7486c6db5fb8dafd0a32a3","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/xfrm/xfrm_state.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.19","status":"affected"},{"version":"0","lessThan":"2.6.19","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-763"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.19","versionEndExcluding":"5.15.210","matchCriteriaId":"FC04E817-5B0B-407B-8E17-92A265260B4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/14acf9652e5690de3c7486c6db5fb8dafd0a32a3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/26edb0a3c99f9d958c212be68b21f1221614dcf0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2c617848ae6e4f07a3e397f604208c293bbecacc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3943fcad7694a7d0b15aeabe7d3cc2a2eb8e92e8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4980162de555cb838f1a189ce7d2cbf5d2e7b050","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a2e2d08fb070fab4947447171f1c4e3ca5a188e5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b4a53add2fa8f1b5aa17d4c5686c320785fab182","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36018","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-46116","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482523","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46116.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46244","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-03T18:16:24.430","lastModified":"2026-07-07T12:16:54.287","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: Fix IPv6 inner_thoff desync\n\nIn nft_inner_parse_l2l3(), when processing inner IPv6 packets,\nipv6_find_hdr() correctly computes the transport header offset\ntraversing all extension headers, but the result is immediately\noverwritten with nhoff + sizeof(_ip6h) (40 bytes), which only\naccounts for the IPv6 base header. This creates a desync between\ninner_thoff (wrong — points to extension header start) and l4proto\n(correct — e.g., IPPROTO_TCP), enabling transport header forgery\nand potential firewall bypass. This issue affects stable versions\nfrom Linux 6.2.\n\nFor comparison, the normal (non-inner) IPv6 path correctly\npreserves ipv6_find_hdr()'s result. Removing the incorrect overwrite\nensures that ipv6_find_hdr()'s calculated transport header offset is\npreserved, thereby fixing the desynchronization."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/netfilter/nft_inner.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3a07327d10a09379315c844c63f27941f5081e0a","lessThan":"c161ad9157f5a0429b5ff94d9770faf3bf48d273","versionType":"git","status":"affected"},{"version":"3a07327d10a09379315c844c63f27941f5081e0a","lessThan":"870d59e2cf218e7418491e26bad768cb16654582","versionType":"git","status":"affected"},{"version":"3a07327d10a09379315c844c63f27941f5081e0a","lessThan":"689bbf48c1f45130086ae1c46ab83ea4c753c601","versionType":"git","status":"affected"},{"version":"3a07327d10a09379315c844c63f27941f5081e0a","lessThan":"d0f98a3617f6ae5b1e95cde1e68e7ead4a1279ce","versionType":"git","status":"affected"},{"version":"3a07327d10a09379315c844c63f27941f5081e0a","lessThan":"b6a91f68ebfed9c38e0e9150f58a9b85da07181c","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/netfilter/nft_inner.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.2","status":"affected"},{"version":"0","lessThan":"6.2","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.5}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-823"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/689bbf48c1f45130086ae1c46ab83ea4c753c601","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/870d59e2cf218e7418491e26bad768cb16654582","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b6a91f68ebfed9c38e0e9150f58a9b85da07181c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c161ad9157f5a0429b5ff94d9770faf3bf48d273","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d0f98a3617f6ae5b1e95cde1e68e7ead4a1279ce","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:33215","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34094","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34443","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34911","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36018","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-46244","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484451","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46244.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-53694","sourceIdentifier":"5a6e4751-2f3f-4070-9419-94fb35b644e8","published":"2026-06-10T16:17:17.093","lastModified":"2026-07-07T16:16:39.927","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2."}],"affected":[{"source":"5a6e4751-2f3f-4070-9419-94fb35b644e8","affectedData":[{"vendor":"NoMachine","product":"NoMachine","defaultStatus":"unaffected","platforms":["Windows","Linux","MacOS","x86","ARM","64 bit","32 bit"],"versions":[{"version":"7.0.0","lessThan":"9.5.7","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThan":"8.23.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5a6e4751-2f3f-4070-9419-94fb35b644e8","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T16:08:01.328415Z","id":"CVE-2026-53694","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5a6e4751-2f3f-4070-9419-94fb35b644e8","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]}],"references":[{"url":"https://kb.nomachine.com/SU05X00274","source":"5a6e4751-2f3f-4070-9419-94fb35b644e8"},{"url":"https://kb.nomachine.com/SU05X00275","source":"5a6e4751-2f3f-4070-9419-94fb35b644e8"}]}},{"cve":{"id":"CVE-2026-0267","sourceIdentifier":"psirt@paloaltonetworks.com","published":"2026-06-10T22:16:53.187","lastModified":"2026-07-07T15:01:21.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An information exposure vulnerability in the Palo Alto Networks GlobalProtect app on macOS enables a local user to learn the configured passcodes for disabling, disconnecting, or uninstalling the GlobalProtect app. After the passcode is known, the user can perform these actions even if the GlobalProtect app configuration would not normally permit them to do so."}],"affected":[{"source":"psirt@paloaltonetworks.com","affectedData":[{"vendor":"Palo Alto Networks","product":"GlobalProtect App","defaultStatus":"unaffected","cpes":["cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.3:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.8:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*","cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*"],"platforms":["macOS"],"versions":[{"version":"6.3.0","lessThan":"6.3.3-h1","versionType":"custom","status":"affected","changes":[{"at":"6.3.3-h1","status":"unaffected"}]},{"version":"6.2.0","lessThan":"6.2.8-h2","versionType":"custom","status":"affected","changes":[{"at":"6.2.8-h2","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"GlobalProtect App","defaultStatus":"unaffected","platforms":["Windows","Linux","iOS","Android","Chrome OS"],"versions":[{"version":"All","versionType":"custom","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"GlobalProtect UWP App","defaultStatus":"unaffected","versions":[{"version":"All","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"AUTOMATIC","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-11T14:41:13.659641Z","id":"CVE-2026-0267","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*","versionStartIncluding":"6.2.0","versionEndExcluding":"6.2.8","matchCriteriaId":"84C4C650-DBCF-488A-AD29-84347162D48B"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:macos:*:*","versionStartIncluding":"6.3.0","versionEndExcluding":"6.3.3","matchCriteriaId":"EFAA1A23-5A3C-48FA-8672-D8329D67A14C"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:6.2.8:-:*:*:*:macos:*:*","matchCriteriaId":"F781BC4A-B907-4393-A94A-D200A0BD73E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:6.2.8:h1:*:*:*:macos:*:*","matchCriteriaId":"77C49DC4-CC2B-46C3-9122-40B399E657A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:globalprotect:6.3.3:-:*:*:*:macos:*:*","matchCriteriaId":"47AAC03D-0E33-430D-AB58-CABCC1546285"}]}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-8687","source":"psirt@paloaltonetworks.com","tags":["Not Applicable"]},{"url":"https://security.paloaltonetworks.com/CVE-2026-0267","source":"psirt@paloaltonetworks.com","tags":["Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-45169","sourceIdentifier":"psirt@paloaltonetworks.com","published":"2026-06-12T05:16:32.703","lastModified":"2026-07-07T15:22:30.790","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Idira Privileged Access Manager (PAM) Self-Hosted Vault versions prior to 15.0.3, 14.6.5, 14.2.7, and 14.0.8 exhibit a validation vulnerability. Under specific circumstances and configuration scenarios, processing unexpected input could potentially lead to an unexpected service termination, resulting in a localized denial of service (DoS). CyberArk Security Bulletin: CA26-17"}],"affected":[{"source":"psirt@paloaltonetworks.com","affectedData":[{"vendor":"CyberArk Software, a Palo Alto Networks Company","product":"PAM SH Vault","defaultStatus":"unaffected","versions":[{"version":"14.0","lessThan":"14.0.8","versionType":"custom","status":"affected","changes":[{"at":"14.0.8","status":"unaffected"}]},{"version":"14.2","lessThan":"14.2.7","versionType":"custom","status":"affected","changes":[{"at":"14.2.7","status":"unaffected"}]},{"version":"14.6","lessThan":"14.6.5","versionType":"custom","status":"affected","changes":[{"at":"14.6.5","status":"unaffected"}]},{"version":"15.0","lessThan":"15.0.3","versionType":"custom","status":"affected","changes":[{"at":"15.0.3","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV40":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T14:01:28.666641Z","id":"CVE-2026-45169","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:idira_privileged_access_manager_vault:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0","versionEndExcluding":"14.0.8","matchCriteriaId":"FD558079-EBB8-4EC9-AEAB-EC5692DAB048"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:idira_privileged_access_manager_vault:*:*:*:*:*:*:*:*","versionStartIncluding":"14.2","versionEndExcluding":"14.2.7","matchCriteriaId":"0A0C5FA8-89BC-4B95-B987-985017C33141"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:idira_privileged_access_manager_vault:*:*:*:*:*:*:*:*","versionStartIncluding":"14.6","versionEndExcluding":"14.6.5","matchCriteriaId":"90D45338-4F17-41BE-85CB-6F6CEBDE9A73"},{"vulnerable":true,"criteria":"cpe:2.3:a:paloaltonetworks:idira_privileged_access_manager_vault:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0","versionEndIncluding":"15.0.3","matchCriteriaId":"FC1D2F34-9AF6-4AC8-AB5B-1538D74A4C0B"}]}]}],"references":[{"url":"https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-0-8.htm","source":"psirt@paloaltonetworks.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-2-7.htm","source":"psirt@paloaltonetworks.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew14-6-vault.htm#14.6.5","source":"psirt@paloaltonetworks.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://docs.cyberark.com/pam-self-hosted/latest/en/content/release%20notes/rn-whatsnew15-0-vault.htm#15.0.3","source":"psirt@paloaltonetworks.com","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-41523","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T23:16:30.200","lastModified":"2026-07-07T12:16:42.377","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to achieve arbitrary code execution on the server by publishing a malicious HuggingFace model, when vLLM runs in Python optimized mode (python -O or PYTHONOPTIMIZE=1). This vulnerability is fixed in 0.22.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"vllm-project","product":"vllm","versions":[{"version":"< 0.22.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T12:23:15.308986Z","id":"CVE-2026-41523","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"},{"lang":"en","value":"CWE-617"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*:*","versionEndExcluding":"0.22.0","matchCriteriaId":"981922E2-F268-4829-9CDE-3A165F3808B9"}]}]}],"references":[{"url":"https://github.com/vllm-project/vllm/commit/b3c7ffcab82c2439726f8cb213800f6f38c023d3","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/vllm-project/vllm/security/advisories/GHSA-q8gq-377p-jq3r","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://huntr.com/bounties/dcb05b04-e625-41e7-adbc-bbae0cc2d64c","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-41523","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2491582","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41523.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-48746","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T23:16:30.490","lastModified":"2026-07-07T12:16:56.107","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware. It allows to use the API without providing the configured VLLM_API_KEY or --api-key. This vulnerability is fixed in 0.22.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"vllm-project","product":"vllm","versions":[{"version":">= 0.3.0, < 0.22.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.3::el9"]},{"vendor":"Red Hat","product":"Exploit Intelligence","defaultStatus":"affected","cpes":["cpe:/a:redhat:exploit_intelligence:0"]},{"vendor":"Red Hat","product":"Migration Toolkit for Applications 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:migration_toolkit_applications:8"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:satellite:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T14:01:22.798843Z","id":"CVE-2026-48746","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-444"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-501"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vllm:vllm:*:*:*:*:*:*:*:*","versionStartIncluding":"0.3.0","versionEndExcluding":"0.22.0","matchCriteriaId":"0D7B8DAA-6987-468A-9721-05A123DB61E3"}]}]}],"references":[{"url":"https://github.com/vllm-project/vllm/pull/43426","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/vllm-project/vllm/security/advisories/GHSA-94f4-hr76-p5j6","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://x41-dsec.de/lab/advisories/x41-2026-002-starlette","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:30088","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30089","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-48746","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2491581","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-48746.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://x41-dsec.de/lab/advisories/x41-2026-002-starlette","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53133","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:30.537","lastModified":"2026-07-07T17:02:08.907","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/umem: Fix truncation for block sizes >= 4G\n\nWhen the iommu is used the linearization of the mapping can give a single\nblock that is very large split across multiple SG entries.\n\nWhen __rdma_block_iter_next() reassembles the split SG entries it is\noverflowing the 32 bit stack values and computed the wrong DMA addresses\nfor blocks after the truncation.\n\nUse the right types to hold DMA addresses."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/infiniband/core/iter.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"a808273a495c657e33281b181fd7fcc2bb28f662","lessThan":"2ff4b7817e5b78070c30f5fb5e678e452a2628b3","versionType":"git","status":"affected"},{"version":"a808273a495c657e33281b181fd7fcc2bb28f662","lessThan":"dee2a49adeeb2a5e16a3fc858fa21b841c519802","versionType":"git","status":"affected"},{"version":"a808273a495c657e33281b181fd7fcc2bb28f662","lessThan":"cc644d5608e3b0dadc970bd6e6aa26b91ea07d0f","versionType":"git","status":"affected"},{"version":"a808273a495c657e33281b181fd7fcc2bb28f662","lessThan":"8fe0231adebe086c8a459c790944ac026cd99c6e","versionType":"git","status":"affected"},{"version":"a808273a495c657e33281b181fd7fcc2bb28f662","lessThan":"baf8685bcf56dc1efb44b8f6a57c42516e549068","versionType":"git","status":"affected"},{"version":"a808273a495c657e33281b181fd7fcc2bb28f662","lessThan":"afd35fec9297195b759078745549c2671223f24f","versionType":"git","status":"affected"},{"version":"a808273a495c657e33281b181fd7fcc2bb28f662","lessThan":"ac1aad8e1281534ce936c250f68084fc79c5469e","versionType":"git","status":"affected"},{"version":"a808273a495c657e33281b181fd7fcc2bb28f662","lessThan":"15fe76e23615f502d051ef0768f86babaf08746c","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/infiniband/core/iter.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.2","status":"affected"},{"version":"0","lessThan":"5.2","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-681"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.10.259","matchCriteriaId":"B1C55967-7570-414A-BAE5-4F10A6880283"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/15fe76e23615f502d051ef0768f86babaf08746c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2ff4b7817e5b78070c30f5fb5e678e452a2628b3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8fe0231adebe086c8a459c790944ac026cd99c6e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ac1aad8e1281534ce936c250f68084fc79c5469e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/afd35fec9297195b759078745549c2671223f24f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/baf8685bcf56dc1efb44b8f6a57c42516e549068","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cc644d5608e3b0dadc970bd6e6aa26b91ea07d0f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dee2a49adeeb2a5e16a3fc858fa21b841c519802","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53134","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:30.657","lastModified":"2026-07-07T16:59:14.557","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_fib: fix stale stack leak via the OIFNAME register\n\nFor NFT_FIB_RESULT_OIFNAME the destination register is declared with\nlen = IFNAMSIZ (four 32-bit registers), but on the lookup-fail,\nRTN_LOCAL and oif-mismatch paths nft_fib{4,6}_eval() only writes one\nregister via \"*dest = 0\". The remaining three registers are left as\nwhatever was on the stack in nft_do_chain()'s struct nft_regs, and a\ndownstream expression that loads the register span can leak that\nuninitialised kernel stack to userspace.\n\nThe NFTA_FIB_F_PRESENT existence check has the same shape: it is only\nmeaningful for NFT_FIB_RESULT_OIF, yet it was accepted for any result type\nwhile the eval stores a single byte via nft_reg_store8(), leaving the rest\nof the declared span stale.\n\nFix both:\n\n - replace the bare \"*dest = 0\" in the eval with nft_fib_store_result(),\n   which strscpy_pad()s the whole IFNAMSIZ for OIFNAME (and is already\n   used on the other early-return path), and\n\n - restrict NFTA_FIB_F_PRESENT to NFT_FIB_RESULT_OIF and declare its\n   destination as a single u8, so the marked span matches the one byte\n   the eval writes."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/ipv4/netfilter/nft_fib_ipv4.c","net/ipv6/netfilter/nft_fib_ipv6.c","net/netfilter/nft_fib.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"f6d0cbcf09c506b9b022df8f9d7693a7cec3c732","lessThan":"6744e49fe51bfba26522acc2d0e9703cb41d8e50","versionType":"git","status":"affected"},{"version":"f6d0cbcf09c506b9b022df8f9d7693a7cec3c732","lessThan":"eca18feed38b3377a2ec5d1f22af1170c55d0171","versionType":"git","status":"affected"},{"version":"f6d0cbcf09c506b9b022df8f9d7693a7cec3c732","lessThan":"d19ddef8c327a4773ff81f8e51027d1e0b4cf069","versionType":"git","status":"affected"},{"version":"f6d0cbcf09c506b9b022df8f9d7693a7cec3c732","lessThan":"eb8a8124484dbc3c2b543e207da39bbccb703d31","versionType":"git","status":"affected"},{"version":"f6d0cbcf09c506b9b022df8f9d7693a7cec3c732","lessThan":"8c84885e9790823828bb8084736ea15769b1ac16","versionType":"git","status":"affected"},{"version":"f6d0cbcf09c506b9b022df8f9d7693a7cec3c732","lessThan":"84d8f58cf28a0415413f43ba7148f7bacd4c1b6e","versionType":"git","status":"affected"},{"version":"f6d0cbcf09c506b9b022df8f9d7693a7cec3c732","lessThan":"3544210609f6d1db282bbdeca639104ef624c393","versionType":"git","status":"affected"},{"version":"f6d0cbcf09c506b9b022df8f9d7693a7cec3c732","lessThan":"ab185e0c4fb82dfba6fb86f8271e06f931d9c64c","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/ipv4/netfilter/nft_fib_ipv4.c","net/ipv6/netfilter/nft_fib_ipv6.c","net/netfilter/nft_fib.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.10","status":"affected"},{"version":"0","lessThan":"4.10","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"5.10.259","matchCriteriaId":"587D546F-CC34-4ACB-B66D-DCFB16B40A68"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3544210609f6d1db282bbdeca639104ef624c393","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6744e49fe51bfba26522acc2d0e9703cb41d8e50","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/84d8f58cf28a0415413f43ba7148f7bacd4c1b6e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8c84885e9790823828bb8084736ea15769b1ac16","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ab185e0c4fb82dfba6fb86f8271e06f931d9c64c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d19ddef8c327a4773ff81f8e51027d1e0b4cf069","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/eb8a8124484dbc3c2b543e207da39bbccb703d31","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/eca18feed38b3377a2ec5d1f22af1170c55d0171","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53135","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:30.787","lastModified":"2026-07-07T16:57:55.730","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs\n\n[Why & How]\ndp_sdp_message_debugfs_write() dereferences connector->base.state->crtc\nwithout checking for NULL. A connector can be connected but not bound to\nany CRTC (e.g. after hot-plug before the next atomic commit), causing a\nkernel crash when writing to the sdp_message debugfs node.\n\nThe function also ignores the user-provided size argument and always\npasses 36 bytes to copy_from_user(), reading past the user buffer when\nsize < 36.\n\nFix both issues by:\n- Returning -ENODEV when connector->base.state or state->crtc is NULL\n- Clamping write_size to min(size, sizeof(data))\n\n(cherry picked from commit 6ab4c36a522842ff70474a1c0af2e40e50fc8300)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c7ba3653e9773256b2b08508a2ed2ca28ea7566b","lessThan":"ee9cfcf77a8e8af637396dc00966df5f701e661c","versionType":"git","status":"affected"},{"version":"c7ba3653e9773256b2b08508a2ed2ca28ea7566b","lessThan":"b781f90a9528555c709e59789550893581ef0be4","versionType":"git","status":"affected"},{"version":"c7ba3653e9773256b2b08508a2ed2ca28ea7566b","lessThan":"a2de1d71891a038a9346b2c1a72b88c8350f2479","versionType":"git","status":"affected"},{"version":"c7ba3653e9773256b2b08508a2ed2ca28ea7566b","lessThan":"7fc4fab4acc307ad2903312c195872b2953d32c3","versionType":"git","status":"affected"},{"version":"c7ba3653e9773256b2b08508a2ed2ca28ea7566b","lessThan":"7ae95c0275c330b5dbae806f8e431720edad776f","versionType":"git","status":"affected"},{"version":"c7ba3653e9773256b2b08508a2ed2ca28ea7566b","lessThan":"bb6f705b73b5f191f14ad004e2c8c4b615806187","versionType":"git","status":"affected"},{"version":"c7ba3653e9773256b2b08508a2ed2ca28ea7566b","lessThan":"c90954cdea4d6998ec345de0d840d030c145b89e","versionType":"git","status":"affected"},{"version":"c7ba3653e9773256b2b08508a2ed2ca28ea7566b","lessThan":"adf67034b1f61f7119295208085bfd43f85f56af","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.2","status":"affected"},{"version":"0","lessThan":"5.2","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.10.259","matchCriteriaId":"B1C55967-7570-414A-BAE5-4F10A6880283"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/7ae95c0275c330b5dbae806f8e431720edad776f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7fc4fab4acc307ad2903312c195872b2953d32c3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a2de1d71891a038a9346b2c1a72b88c8350f2479","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/adf67034b1f61f7119295208085bfd43f85f56af","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b781f90a9528555c709e59789550893581ef0be4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bb6f705b73b5f191f14ad004e2c8c4b615806187","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c90954cdea4d6998ec345de0d840d030c145b89e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ee9cfcf77a8e8af637396dc00966df5f701e661c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53136","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:30.910","lastModified":"2026-07-07T16:57:16.550","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Clamp VBIOS HDMI retimer register count to array size\n\n[Why & How]\nThe VBIOS integrated info tables (v1_11 and v2_1) contain HdmiRegNum and\nHdmi6GRegNum fields that are used as loop bounds when copying retimer I2C\nregister settings into fixed-size arrays (dp*_ext_hdmi_reg_settings[9]\nand dp*_ext_hdmi_6g_reg_settings[3]). These u8 fields are not validated\nbefore use, so a malformed VBIOS can specify values up to 255, causing an\nout-of-bounds heap write during driver probe.\n\nClamp each register count to the destination array size using min_t()\nbefore the copy loops, in both get_integrated_info_v11() and\nget_integrated_info_v2_1().\n\n(cherry picked from commit 5a7f0ef90195940c54b0f5bb85b87da55f038c69)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1e8635ea0ea370bf4f0f2b2f1b3eb61474dd962a","lessThan":"029571d51140650783be4fb98fe7cb4754752086","versionType":"git","status":"affected"},{"version":"1e8635ea0ea370bf4f0f2b2f1b3eb61474dd962a","lessThan":"5f8b39452fb16f507c9e4d8b4a83ce27e893307c","versionType":"git","status":"affected"},{"version":"1e8635ea0ea370bf4f0f2b2f1b3eb61474dd962a","lessThan":"4d1c3c26c2ab1842e139e61983395d64bd2e518b","versionType":"git","status":"affected"},{"version":"1e8635ea0ea370bf4f0f2b2f1b3eb61474dd962a","lessThan":"d6be8e59af412623e3d874be3a048406c0edfe60","versionType":"git","status":"affected"},{"version":"1e8635ea0ea370bf4f0f2b2f1b3eb61474dd962a","lessThan":"3f32d52ec604c659725d865cf8cc6a17a33f9c6a","versionType":"git","status":"affected"},{"version":"1e8635ea0ea370bf4f0f2b2f1b3eb61474dd962a","lessThan":"8aaa7e317fbd4beb9c6a9f77aa4cf52fae78b117","versionType":"git","status":"affected"},{"version":"1e8635ea0ea370bf4f0f2b2f1b3eb61474dd962a","lessThan":"fb0707ce00eef4e2d60c3020e1c0432739703e4a","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.15","status":"affected"},{"version":"0","lessThan":"4.15","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.15.210","matchCriteriaId":"E38A9AB0-0756-40E8-860F-FF23B584A2C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/029571d51140650783be4fb98fe7cb4754752086","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3f32d52ec604c659725d865cf8cc6a17a33f9c6a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4d1c3c26c2ab1842e139e61983395d64bd2e518b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5f8b39452fb16f507c9e4d8b4a83ce27e893307c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8aaa7e317fbd4beb9c6a9f77aa4cf52fae78b117","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d6be8e59af412623e3d874be3a048406c0edfe60","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fb0707ce00eef4e2d60c3020e1c0432739703e4a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53137","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:31.030","lastModified":"2026-07-07T16:51:48.147","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size\n\n[Why & How]\nDuring HDCP 2.x repeater authentication over HDMI, the driver reads the\nsink's RxStatus register and extracts a 10-bit message size field (max\nvalue 1023). This value is used as the read length for the ReceiverID\nlist without being clamped to the size of the destination buffer\nrx_id_list[177]. A malicious HDMI repeater could advertise a message\nsize larger than the buffer, causing an out-of-bounds write during the\nI2C read.\n\nClamp the read length in mod_hdcp_read_rx_id_list() to the size of the\nrx_id_list buffer, matching the approach already used in the DP branch.\n\n(cherry picked from commit 229212219e4247d9486f8ba41ef087358490be09)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"eff682f83c9c2030761e7536c5d97e1b20f71c15","lessThan":"3c4444aec06c74fbc05661f370954ac814963c38","versionType":"git","status":"affected"},{"version":"eff682f83c9c2030761e7536c5d97e1b20f71c15","lessThan":"91fb41218c413989d8b6c837748751454b452d68","versionType":"git","status":"affected"},{"version":"eff682f83c9c2030761e7536c5d97e1b20f71c15","lessThan":"964e50ef7b8f09815a7d05b8326af700f8d5bc96","versionType":"git","status":"affected"},{"version":"eff682f83c9c2030761e7536c5d97e1b20f71c15","lessThan":"79e0273272a05fb26f9b1e55bf1a52eefc3b7b35","versionType":"git","status":"affected"},{"version":"eff682f83c9c2030761e7536c5d97e1b20f71c15","lessThan":"bfba882cfcd08f6540f72f48e786b6404f5d2c5b","versionType":"git","status":"affected"},{"version":"eff682f83c9c2030761e7536c5d97e1b20f71c15","lessThan":"1906064d50d194a145486e5caf3db3e708b6f6ef","versionType":"git","status":"affected"},{"version":"eff682f83c9c2030761e7536c5d97e1b20f71c15","lessThan":"98cfb7530ea91d8e5e928285cdce58e1131f6e83","versionType":"git","status":"affected"},{"version":"eff682f83c9c2030761e7536c5d97e1b20f71c15","lessThan":"f0f3981c43b32cadfe373d636d9e9ca522bb3702","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/display/modules/hdcp/hdcp_ddc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.6","status":"affected"},{"version":"0","lessThan":"5.6","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6","versionEndExcluding":"5.10.259","matchCriteriaId":"047C25D4-CC7B-4FD9-B441-C8E72652C2D0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1906064d50d194a145486e5caf3db3e708b6f6ef","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3c4444aec06c74fbc05661f370954ac814963c38","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/79e0273272a05fb26f9b1e55bf1a52eefc3b7b35","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/91fb41218c413989d8b6c837748751454b452d68","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/964e50ef7b8f09815a7d05b8326af700f8d5bc96","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/98cfb7530ea91d8e5e928285cdce58e1131f6e83","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bfba882cfcd08f6540f72f48e786b6404f5d2c5b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f0f3981c43b32cadfe373d636d9e9ca522bb3702","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53138","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:31.150","lastModified":"2026-07-07T16:51:06.297","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Bound VBIOS record-chain walk loops\n\n[Why & How]\nAll record-chain walk loops in bios_parser.c and bios_parser2.c use\nfor(;;) and only terminate on a 0xFF record_type sentinel or zero\nrecord_size. A malformed VBIOS image missing the terminator record\ncauses unbounded iteration at probe time, potentially hundreds of\nthousands of iterations with record_size=1. In the final iterations\nnear the BIOS image boundary, struct casts beyond the 2-byte header\nvalidated by GET_IMAGE can also read out of bounds.\n\nCap all 14 record-chain walk loops to BIOS_MAX_NUM_RECORD (256)\niterations. The atombios.h defines up to 22 distinct record types\nand atomfirmware.h has 13. Assuming an average of less than 10\nrecords per type (which is reasonable since most are connector-\nbased) 256 is a generous upper bound.\n\n(cherry picked from commit 95700a3d660287ed657d6892f7be9ffc0e294a93)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/display/dc/bios/bios_parser.c","drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c","drivers/gpu/drm/amd/display/dc/bios/bios_parser_helper.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"e94f5323c41f32a74160378c3b19850d1f203ad5","versionType":"git","status":"affected"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"04e271a952b8863bbafc99bd51aca4c32bff0e0d","versionType":"git","status":"affected"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"6723188c42ca3b34a9fce634d7a0ecc9ccd5cd56","versionType":"git","status":"affected"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"499c6b43a79dd684bddbd18fe8b2235aa2764db4","versionType":"git","status":"affected"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"6173cfea2f916e01c4f98e29cd654384a05e32a3","versionType":"git","status":"affected"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"0e56f460bddb397fa9a8e6faf7ae7eaa86953eb1","versionType":"git","status":"affected"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"2645e3caf7e013189da9c6ff621d006cca5a538b","versionType":"git","status":"affected"},{"version":"4562236b3bc0a28aeb6ee93b2d8a849a4c4e1c7c","lessThan":"ff287df16a1a58aca78b08d1f3ee09fc44da0351","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/display/dc/bios/bios_parser.c","drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c","drivers/gpu/drm/amd/display/dc/bios/bios_parser_helper.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.15","status":"affected"},{"version":"0","lessThan":"4.15","versionType":"semver","status":"unaffected"},{"version":"5.10.260","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.211","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.177","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.144","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.10.260","matchCriteriaId":"F1033F7E-FEFA-48D5-9319-95C116767C23"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.211","matchCriteriaId":"D71C101E-388C-4A46-BD99-49049F7C5CFF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.177","matchCriteriaId":"333C9E30-7FD4-46A2-94EF-C1AA1F3EE28B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.144","matchCriteriaId":"C8AD3BC8-C843-423C-B9DB-CB52F67F578E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/04e271a952b8863bbafc99bd51aca4c32bff0e0d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0e56f460bddb397fa9a8e6faf7ae7eaa86953eb1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2645e3caf7e013189da9c6ff621d006cca5a538b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/499c6b43a79dd684bddbd18fe8b2235aa2764db4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6173cfea2f916e01c4f98e29cd654384a05e32a3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6723188c42ca3b34a9fce634d7a0ecc9ccd5cd56","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e94f5323c41f32a74160378c3b19850d1f203ad5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ff287df16a1a58aca78b08d1f3ee09fc44da0351","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53141","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:31.423","lastModified":"2026-07-07T16:42:12.800","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Fix global performance monitor reference counting\n\nIn the SET_GLOBAL ioctl, v3d_perfmon_find() bumps the reference count on\nthe perfmon it returns, but v3d_perfmon_set_global_ioctl() and\nv3d_perfmon_delete() fail to release that reference on several paths:\n\n  1. v3d_perfmon_set_global_ioctl() leaks the reference on its error\n     paths.\n\n  2. CLEAR_GLOBAL leaks both the find reference and the reference\n     previously stashed in v3d->global_perfmon by the SET_GLOBAL ioctl\n     that configured it.\n\n  3. Destroying a perfmon that is the current global perfmon leaks the\n     reference stashed by the SET_GLOBAL ioctl.\n\nRelease each of these references explicitly."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/v3d/v3d_perfmon.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c6eabbab359c156669e10d5dec3e71e80ff09bd2","lessThan":"3e1947573140a57119294f0bff39ee18d93f23e1","versionType":"git","status":"affected"},{"version":"c6eabbab359c156669e10d5dec3e71e80ff09bd2","lessThan":"ed2eaf3b7b1820b690e4b896d344e00027526a25","versionType":"git","status":"affected"},{"version":"c6eabbab359c156669e10d5dec3e71e80ff09bd2","lessThan":"6bf7e2affc6e62da7add393d7f352d4040f5bc27","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/v3d/v3d_perfmon.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.14","status":"affected"},{"version":"0","lessThan":"6.14","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.14","versionEndExcluding":"6.18.36","matchCriteriaId":"F44E71B4-36C2-4FDD-9239-2EEBD641A1C8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3e1947573140a57119294f0bff39ee18d93f23e1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6bf7e2affc6e62da7add393d7f352d4040f5bc27","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ed2eaf3b7b1820b690e4b896d344e00027526a25","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53142","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:31.513","lastModified":"2026-07-07T16:41:37.007","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/display: fix oops in suspend/shutdown without display\n\nThe xe driver keeps track of whether to probe display, and whether\ndisplay hardware is there, using xe->info.probe_display. It gets set to\nfalse if there's no display after intel_display_device_probe(). However,\nthe display may also be disabled via fuses, detected at a later time in\nintel_display_device_info_runtime_init().\n\nIn this case, the xe driver does for_each_intel_crtc() on uninitialized\nmode config in xe_display_flush_cleanup_work(), leading to a NULL\npointer dereference, and generally calls display code with display info\ncleared.\n\nCheck for intel_display_device_present() after\nintel_display_device_info_runtime_init(), and reset\nxe->info.probe_display as necessary. Also do unset_display_features()\nfor completeness, although display runtime init has already done\nthat. This will need to be unified across all cases later.\n\nMove intel_display_device_info_runtime_init() call slightly earlier,\nsimilar to i915, to avoid a bunch of unnecessary setup for no display\ncases.\n\nNote #1: The xe driver has no business doing low level display plumbing\nlike for_each_intel_crtc() to begin with. It all needs to happen in\ndisplay code.\n\nNote #2: The actual bug is present already in commit 44e694958b95\n(\"drm/xe/display: Implement display support\"), but the oops was likely\nintroduced later at commit ddf6492e0e50 (\"drm/xe/display: Make display\nsuspend/resume work on discrete\").\n\n(cherry picked from commit 7c3eb9f47533220888a67266448185fd0775d4da)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/xe/display/xe_display.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"44e694958b95395bd1c41508c88c8ca141bf9bd7","lessThan":"ddf1fe4c043aa42e46aef87b815d5deeed2fcd7b","versionType":"git","status":"affected"},{"version":"44e694958b95395bd1c41508c88c8ca141bf9bd7","lessThan":"0f68ddfaaebfbb5581ee931779757d31f4dc9e24","versionType":"git","status":"affected"},{"version":"44e694958b95395bd1c41508c88c8ca141bf9bd7","lessThan":"238bcdaae8f2abc65e182de7d1f69cf8f611a610","versionType":"git","status":"affected"},{"version":"44e694958b95395bd1c41508c88c8ca141bf9bd7","lessThan":"68938cc08e23a94fd881e845837ff918de005ce7","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/xe/display/xe_display.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.8","status":"affected"},{"version":"0","lessThan":"6.8","versionType":"semver","status":"unaffected"},{"version":"6.12.95","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-908"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.12.95","matchCriteriaId":"D94789D5-2D61-4B2C-920F-E9065372109D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0f68ddfaaebfbb5581ee931779757d31f4dc9e24","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/238bcdaae8f2abc65e182de7d1f69cf8f611a610","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/68938cc08e23a94fd881e845837ff918de005ce7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ddf1fe4c043aa42e46aef87b815d5deeed2fcd7b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53144","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:31.710","lastModified":"2026-07-07T16:34:47.617","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: fix NULL dereference in get_queue_ids()\n\nWhen usr_queue_id_array is NULL and num_queues is non-zero,\nget_queue_ids() returns NULL. The callers check only IS_ERR() on the\nreturn value; since IS_ERR(NULL) == false the check passes, and\nsuspend_queues() calls q_array_invalidate() which immediately\ndereferences NULL while iterating num_queues times.\n\nUserspace can trigger this via kfd_ioctl_set_debug_trap() by supplying\nnum_queues > 0 with a zero queue_array_ptr, causing a kernel panic.\n\nA NULL usr_queue_id_array with num_queues == 0 is a legitimate no-op\n(q_array_invalidate never executes, and resume_queues already guards\nall queue_ids dereferences behind a NULL check). Return ERR_PTR(-EINVAL)\nonly when num_queues is non-zero and the pointer is absent; both callers\nalready propagate IS_ERR() returns correctly to userspace.\n\n(cherry picked from commit f165a82cdf503884bb1797771c61b2fcc72113d4)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"a70a93fa568b4f05aba548dadb673703eccf5480","lessThan":"62bd09e23a23da70f9aae02748eba3e6bd93095d","versionType":"git","status":"affected"},{"version":"a70a93fa568b4f05aba548dadb673703eccf5480","lessThan":"daeceb0fe2a19651c58bbfa3d9d515ecb6ca8996","versionType":"git","status":"affected"},{"version":"a70a93fa568b4f05aba548dadb673703eccf5480","lessThan":"72e259a32084c42816152c346096d2edd4213e23","versionType":"git","status":"affected"},{"version":"a70a93fa568b4f05aba548dadb673703eccf5480","lessThan":"e1965e8913cfbf17622ca12638e7a07f68ba0848","versionType":"git","status":"affected"},{"version":"a70a93fa568b4f05aba548dadb673703eccf5480","lessThan":"2bd550b547deabef98bd3b017ff743b7c34d3a6d","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/amdkfd/kfd_device_queue_manager.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.5","status":"affected"},{"version":"0","lessThan":"6.5","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.6.143","matchCriteriaId":"0DB27922-E47A-4720-862F-288D606ABCD3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2bd550b547deabef98bd3b017ff743b7c34d3a6d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/62bd09e23a23da70f9aae02748eba3e6bd93095d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/72e259a32084c42816152c346096d2edd4213e23","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/daeceb0fe2a19651c58bbfa3d9d515ecb6ca8996","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e1965e8913cfbf17622ca12638e7a07f68ba0848","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-48933","sourceIdentifier":"support@hackerone.com","published":"2026-06-26T02:16:52.833","lastModified":"2026-07-07T12:16:56.600","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw in Node.js WebCrypto implementation can crash the process if the input of `subtle.encrypt()` is a multiple of 2GiB.\r\n\r\nThis vulnerability affects all supported release lines: **Node.js 22**, **Node.js 24**, and **Node.js 26**."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"nodejs","product":"node","defaultStatus":"unaffected","versions":[{"version":"22.22.3","lessThanOrEqual":"22.22.3","versionType":"semver","status":"affected"},{"version":"24.16.0","lessThanOrEqual":"24.16.0","versionType":"semver","status":"affected"},{"version":"26.3.0","lessThanOrEqual":"26.3.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T15:05:58.547904Z","id":"CVE-2026-48933","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:22.22.3:*:*:*:-:*:*:*","matchCriteriaId":"3C0C5080-5F99-4651-9855-2DE03C9070C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:24.16.0:*:*:*:-:*:*:*","matchCriteriaId":"3B912C84-1AA5-4D74-AB1A-64162C80A33B"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:node.js:26.3.0:*:*:*:-:*:*:*","matchCriteriaId":"8152ACE6-3CAF-4CA0-8B19-D4753811EB44"}]}]}],"references":[{"url":"https://nodejs.org/en/blog/vulnerability/june-2026-security-releases","source":"support@hackerone.com","tags":["Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:28727","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29012","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30172","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35841","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35842","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35891","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35892","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7378","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9455","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-48933","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2493331","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-48933.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-13573","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T15:16:38.687","lastModified":"2026-07-07T15:16:42.540","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based buffer overflow. Attacking locally is a requirement. The exploit has been made public and could be used. The presence of this vulnerability remains uncertain at this time. The LLVM project explains, that the reported behavior is outside its documented security scope and therefore not considered a security vulnerability."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"llvm","product":"llvm-project","cpes":["cpe:2.3:a:llvm:llvm-project:*:*:*:*:*:*:*:*"],"modules":["ValueSymbolTable Module"],"versions":[{"version":"22.1.0","status":"affected"},{"version":"22.1.1","status":"affected"},{"version":"22.1.2","status":"affected"},{"version":"22.1.3","status":"affected"},{"version":"22.1.4","status":"affected"},{"version":"22.1.5","status":"affected"},{"version":"22.1.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T15:23:01.490159Z","id":"CVE-2026-13573","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://github.com/llvm/llvm-project/","source":"cna@vuldb.com"},{"url":"https://github.com/llvm/llvm-project/issues/199187","source":"cna@vuldb.com"},{"url":"https://github.com/user-attachments/files/28141697/poc.zip","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13573","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844457","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374581","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374581/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-13574","sourceIdentifier":"cna@vuldb.com","published":"2026-06-29T15:16:38.857","lastModified":"2026-07-07T15:16:42.707","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. There are still doubts about whether this vulnerability truly exists. The LLVM project explains, that the reported behavior is outside its documented security scope and therefore not considered a security vulnerability."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"llvm","product":"llvm-project","cpes":["cpe:2.3:a:llvm:llvm-project:*:*:*:*:*:*:*:*"],"modules":["Bitcode File Handler"],"versions":[{"version":"22.1.0","status":"affected"},{"version":"22.1.1","status":"affected"},{"version":"22.1.2","status":"affected"},{"version":"22.1.3","status":"affected"},{"version":"22.1.4","status":"affected"},{"version":"22.1.5","status":"affected"},{"version":"22.1.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T14:03:05.481009Z","id":"CVE-2026-13574","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-122"}]}],"references":[{"url":"https://github.com/llvm/llvm-project/","source":"cna@vuldb.com"},{"url":"https://github.com/llvm/llvm-project/issues/199191","source":"cna@vuldb.com"},{"url":"https://github.com/user-attachments/files/28142619/poc.zip","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-13574","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/844468","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374582","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/374582/cti","source":"cna@vuldb.com"},{"url":"https://github.com/llvm/llvm-project/issues/199191","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-58593","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-01T20:17:11.750","lastModified":"2026-07-07T13:16:32.190","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NodeBB does not bind the claimed author of an inbound ActivityPub object to the authenticated remote actor. The inbound middleware verifies the HTTP-signature actor and checks the origin of object.id, but never validates that attributedTo corresponds to the sender. In the object mock, attributedTo is used directly as a uid, and actors.assert silently ignores numeric identifiers (filtering them out without re-deriving the uid), so a federated remote actor can set attributedTo to a bare numeric value such as 1 and have the resulting post or private message created with that local uid as author, including the administrator account. This lets a remote attacker forge posts and direct messages attributed to arbitrary local users. Requires the ActivityPub/federation feature to be enabled."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"NodeBB","product":"NodeBB","defaultStatus":"affected","versions":[{"version":"4.13.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:08:35.864075Z","id":"CVE-2026-58593","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-290"},{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*","versionEndIncluding":"4.13.2","matchCriteriaId":"C2E78322-362C-4F8A-9BFF-7AC22A4C687E"}]}]}],"references":[{"url":"https://github.com/NodeBB/NodeBB/blob/v4.13.2/src/activitypub/mocks.js","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/bikini/exploitarium/tree/main/nodebb-activitypub-attributedto-local-uid-spoof-poc","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.vulncheck.com/advisories/nodebb-activitypub-author-spoofing-via-unvalidated-attributedto-mapped-to-local-user","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-54408","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:04.523","lastModified":"2026-07-07T16:33:15.573","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Protect Application to bypass authentication for data streaming."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Protect Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"7.1.83","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T16:08:19.674522Z","id":"CVE-2026-54408","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1.83","matchCriteriaId":"CCB52AC4-8FD0-49B7-A3C2-42BB928906BB"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54409","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:04.627","lastModified":"2026-07-07T16:34:31.990","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Protect Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"7.1.83","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T16:09:56.430776Z","id":"CVE-2026-54409","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-665"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1.83","matchCriteriaId":"CCB52AC4-8FD0-49B7-A3C2-42BB928906BB"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55115","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:05.513","lastModified":"2026-07-07T16:36:26.370","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) in UniFi Protect Application to escalate privileges on the host device."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Protect Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"7.1.83","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:41:27.696866Z","id":"CVE-2026-55115","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_protect:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1.83","matchCriteriaId":"CCB52AC4-8FD0-49B7-A3C2-42BB928906BB"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9272","sourceIdentifier":"security@progress.com","published":"2026-07-02T15:17:11.937","lastModified":"2026-07-07T16:37:11.803","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System (ADS) may send specially crafted requests that could result in unauthorized access to application data and its modification."}],"affected":[{"source":"security@progress.com","affectedData":[{"vendor":"Progress Software","product":"Flowmon ADS","defaultStatus":"affected","versions":[{"version":"Flowmon ADS 12 versions prior to 12.5.6","versionType":"custom","status":"affected"},{"version":"Flowmon ADS 13 versions prior to 13.0.5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@progress.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T00:00:00+00:00","id":"CVE-2026-9272","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@progress.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:progress:flowmon_anomaly_detection_system:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5.0","versionEndExcluding":"12.5.6","matchCriteriaId":"60D0F762-0F40-4B9A-A149-497183BB45DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:progress:flowmon_anomaly_detection_system:*:*:*:*:*:*:*:*","versionStartIncluding":"13.0.0","versionEndExcluding":"13.0.5","matchCriteriaId":"9B087230-F276-4512-8098-77C8587E0C63"}]}]}],"references":[{"url":"https://community.progress.com/s/article/Flowmon-CVE-2026-9272","source":"security@progress.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44941","sourceIdentifier":"meissner@suse.de","published":"2026-07-02T16:16:30.550","lastModified":"2026-07-07T17:27:50.640","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A relative path traversal in the \"keyhint\" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root."}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"SUSE","product":"libzypp","defaultStatus":"unaffected","packageName":"libzypp","repo":"https://github.com/openSUSE/libzypp/","versions":[{"version":"0","lessThan":"17.38.12","versionType":"rpm","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.7,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-03T03:56:15.064595Z","id":"CVE-2026-44941","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opensuse:libzypp:*:*:*:*:*:*:*:*","versionEndExcluding":"17.38.12","matchCriteriaId":"9BBF2953-1544-41D0-8CB2-059C0EF29A14"}]}]}],"references":[{"url":"https://bugzilla.suse.com/show_bug.cgi?id=1267426","source":"meissner@suse.de","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/openSUSE/libzypp/commit/294b1bad442d089ca671c5c03adc8031e3b29e04","source":"meissner@suse.de","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53422","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-07-02T17:17:01.473","lastModified":"2026-07-07T14:56:32.030","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Observable Response Discrepancy vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory.\n\nThe SSH_FXP_REALPATH handler in ssh_sftpd calls relate_file_name/3 with Canonicalize=false, unlike every other SFTP operation handler. This allows .. components in the requested path to bypass the is_within_root/2 check without being resolved. The un-canonicalized path then enters resolve_symlinks/2, which walks up the directory tree above the configured root and issues read_link() syscalls on arbitrary filesystem paths.\n\nAn authenticated SFTP client can exploit this by sending a REALPATH request with a crafted traversal path. The server response differs depending on whether the target path exists on the host filesystem (SSH_FXP_NAME when the path resolves successfully, SSH_FX_NO_SUCH_FILE when it does not). This creates a path-existence oracle that an attacker can use to enumerate the filesystem structure outside the configured root, including the existence of sensitive files, directories, and mount points.\n\nThe vulnerability leaks only the existence of paths. No file contents, credentials, or write access are obtainable through this issue alone. The information gained may assist further attacks when combined with other vulnerabilities.\n\nThis vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl and program routine ssh_sftpd:handle_op/4.\n\nThis issue affects OTP from OTP 17.0 until OTP 29.0.3, 28.5.0.3, and 27.3.4.14 corresponding to ssh from 3.0.1 until 6.0.2, 5.5.2.2, and 5.2.11.9."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","packageName":"ssh","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["ssh_sftpd"],"programFiles":["src/ssh_sftpd.erl"],"programRoutines":[{"name":"ssh_sftpd:handle_op/4"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:otp/ssh?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp&vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git","versions":[{"version":"3.0.1","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"6.0.2","status":"unaffected"},{"at":"5.5.2.2","status":"unaffected"},{"at":"5.2.11.9","status":"unaffected"}]}]},{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"erlang/otp","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["ssh_sftpd"],"programFiles":["lib/ssh/src/ssh_sftpd.erl"],"programRoutines":[{"name":"ssh_sftpd:handle_op/4"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:github/erlang/otp","versions":[{"version":"17.0","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"29.0.3","status":"unaffected"},{"at":"28.5.0.3","status":"unaffected"},{"at":"27.3.4.14","status":"unaffected"}]},{"version":"84adefa331c4159d432d22840663c38f155cd4c1","lessThan":"*","versionType":"git","status":"affected","changes":[{"at":"059e5785ef8c1d423820ca633fb7b37f47645172","status":"unaffected"},{"at":"86622cfaacf57a02c7645d1999f946846b504c94","status":"unaffected"},{"at":"c5a8f50ae68888ff243c5c741a06d2b3a4b48b7a","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T17:29:13.490797Z","id":"CVE-2026-53422","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-204"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndExcluding":"27.3.4.14","matchCriteriaId":"863CA902-6EB1-46CB-BC52-22F3AC6B4A14"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"28.0","versionEndExcluding":"28.5.0.3","matchCriteriaId":"230E3EE3-6A18-4848-8E3D-DB0FAA8EDFDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"29.0","versionEndExcluding":"29.0.3","matchCriteriaId":"5D2D0C24-E302-48BF-9550-CCC7ABA24BED"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssh:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.1","versionEndExcluding":"5.2.11.9","matchCriteriaId":"95A15E38-CAD2-4125-8BE5-459E49DFC7A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssh:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3","versionEndExcluding":"5.5.2.2","matchCriteriaId":"DB94AEFD-9387-4C22-B323-D0E5CB5D0E75"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssh:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.0.2","matchCriteriaId":"4304282D-4C02-4CE4-AB77-476A763C1F69"}]}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-53422.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Mitigation","Vendor Advisory"]},{"url":"https://github.com/erlang/otp/commit/059e5785ef8c1d423820ca633fb7b37f47645172","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/commit/86622cfaacf57a02c7645d1999f946846b504c94","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/commit/c5a8f50ae68888ff243c5c741a06d2b3a4b48b7a","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/security/advisories/GHSA-h9pw-h5w4-h976","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Mitigation","Vendor Advisory"]},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-53422","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Mitigation","Third Party Advisory"]},{"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2026-54886","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-07-02T17:17:02.387","lastModified":"2026-07-07T14:53:35.410","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to render an SFTP channel permanently unresponsive.\n\nThe handle_data/4 function in ssh_sftpd contains a catch-all clause that accepts channel data of any type. When channel data with a non-zero type code (SSH_MSG_CHANNEL_EXTENDED_DATA) arrives with an empty pending buffer and a payload at or below the SFTP packet size limit, the clause tail-calls itself with identical arguments, creating an infinite loop.\n\nThe SFTP protocol operates exclusively on normal channel data (type 0). Extended data (non-zero type) is meaningless for SFTP and is never sent by conforming clients. However, the SSH protocol permits any channel participant to send extended data on an open channel, so an authenticated SFTP client can trigger the loop by sending SSH_MSG_CHANNEL_EXTENDED_DATA with any data_type_code and any non-empty payload at or below the size limit.\n\nThe targeted ssh_sftpd process enters an infinite tail-recursive loop. It never processes another message, its message queue grows without bound, and it can only be stopped by killing the process. BEAM's reduction-based scheduler preemption continues to function, so other processes on the node are not starved, but each stuck channel process consumes its full CPU time share continuously and accumulates unbounded message queue memory. Opening many channels amplifies the CPU and memory impact.\n\nErlang/OTP SSH configurations using the default max_channels setting (infinity) allow an authenticated user to open unlimited channels per connection, amplifying the attack without requiring multiple TCP connections or authentications.\n\nNo file contents, credentials, or write access are obtainable through this issue. The impact is limited to denial of service on targeted SFTP channels, with secondary CPU degradation and memory growth.\n\nThis vulnerability is associated with program file lib/ssh/src/ssh_sftpd.erl and program routine ssh_sftpd:handle_data/4.\n\nThis issue affects OTP from OTP 17.0 until OTP 29.0.3, 28.5.0.3, and 27.3.4.14 corresponding to ssh from 3.0.1 until 6.0.2, 5.5.2.2, and 5.2.11.9."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","packageName":"ssh","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["ssh_sftpd"],"programFiles":["src/ssh_sftpd.erl"],"programRoutines":[{"name":"ssh_sftpd:handle_data/4"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:otp/ssh?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp&vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git","versions":[{"version":"3.0.1","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"6.0.2","status":"unaffected"},{"at":"5.5.2.2","status":"unaffected"},{"at":"5.2.11.9","status":"unaffected"}]}]},{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"erlang/otp","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["ssh_sftpd"],"programFiles":["lib/ssh/src/ssh_sftpd.erl"],"programRoutines":[{"name":"ssh_sftpd:handle_data/4"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:github/erlang/otp","versions":[{"version":"17.0","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"29.0.3","status":"unaffected"},{"at":"28.5.0.3","status":"unaffected"},{"at":"27.3.4.14","status":"unaffected"}]},{"version":"84adefa3318eef8631bf25cd233246a86eea18cd","lessThan":"eaf9550b8ad4738b81149d3f617102d980c6dd18","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T17:27:25.414155Z","id":"CVE-2026-54886","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndExcluding":"27.3.4.14","matchCriteriaId":"863CA902-6EB1-46CB-BC52-22F3AC6B4A14"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"28.0","versionEndExcluding":"28.5.0.3","matchCriteriaId":"230E3EE3-6A18-4848-8E3D-DB0FAA8EDFDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"29.0","versionEndExcluding":"29.0.3","matchCriteriaId":"5D2D0C24-E302-48BF-9550-CCC7ABA24BED"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssh:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.1","versionEndExcluding":"5.2.11.9","matchCriteriaId":"95A15E38-CAD2-4125-8BE5-459E49DFC7A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssh:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3","versionEndExcluding":"5.5.2.2","matchCriteriaId":"DB94AEFD-9387-4C22-B323-D0E5CB5D0E75"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssh:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.0.2","matchCriteriaId":"4304282D-4C02-4CE4-AB77-476A763C1F69"}]}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-54886.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Mitigation","Vendor Advisory"]},{"url":"https://github.com/erlang/otp/commit/eaf9550b8ad4738b81149d3f617102d980c6dd18","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/security/advisories/GHSA-7wp4-pc27-2vj9","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Mitigation","Vendor Advisory"]},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-54886","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Mitigation","Third Party Advisory"]},{"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2026-54887","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-07-02T17:17:02.570","lastModified":"2026-07-07T14:52:32.123","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl (DTLS server) allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass.\n\nOn DTLS server startup, dtls_server_connection:initial_hello/3 initializes previous_cookie_secret to the empty binary (<<>>) instead of a random value. Because HMAC with an empty key is deterministic, anyone who observes the plaintext ClientHello can compute dtls_handshake:cookie(<<>>, IP, Port, Hello) and forge a valid DTLS cookie before the first rotation of the cookie secret. The DTLS cookie (RFC 6347 §4.2.1) is a denial-of-service mitigation that prevents spoofed source IPs from forcing the server to allocate state and perform expensive cryptographic operations; it is not an authentication mechanism. During the window from server startup until the first secret rotation (0 to 15 seconds), an attacker who can observe the plaintext ClientHello can bypass the source address verification, enabling DTLS handshake amplification with spoofed source addresses.\n\nThis vulnerability is associated with program file lib/ssl/src/dtls_server_connection.erl and program routine dtls_server_connection:initial_hello/3.\n\nThis issue affects OTP from OTP 20.0 before 29.0.3, 28.5.0.3 and 27.3.4.14 corresponding to ssl from 8.2 before 11.7.3, 11.6.0.3 and 11.2.12.10."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","packageName":"ssl","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["dtls_server_connection"],"programFiles":["src/dtls_server_connection.erl"],"programRoutines":[{"name":"dtls_server_connection:initial_hello/3"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:otp/ssl?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp&vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git","versions":[{"version":"8.2","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"11.7.3","status":"unaffected"},{"at":"11.6.0.3","status":"unaffected"},{"at":"11.2.12.10","status":"unaffected"}]}]},{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"erlang/otp","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["dtls_server_connection"],"programFiles":["lib/ssl/src/dtls_server_connection.erl"],"programRoutines":[{"name":"dtls_server_connection:initial_hello/3"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:github/erlang/otp","versions":[{"version":"20.0","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"29.0.3","status":"unaffected"},{"at":"28.5.0.3","status":"unaffected"},{"at":"27.3.4.14","status":"unaffected"}]},{"version":"e594aad2f87aab39e99fccf9e021bc94e0bbf7d4","lessThan":"888e3bcd72d5406016b9e0de741026bc2a6f114d","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T17:28:36.936306Z","id":"CVE-2026-54887","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-1394"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"20.0","versionEndExcluding":"27.3.4.14","matchCriteriaId":"9518F36D-1DBF-4D55-8FF3-FB98F16B46F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"28.0","versionEndExcluding":"28.5.0.3","matchCriteriaId":"230E3EE3-6A18-4848-8E3D-DB0FAA8EDFDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"29.0","versionEndExcluding":"29.0.3","matchCriteriaId":"5D2D0C24-E302-48BF-9550-CCC7ABA24BED"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2","versionEndExcluding":"11.2.12.10","matchCriteriaId":"8BC761D4-709A-4B2B-92E6-6B6E8B98E5B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"11.3","versionEndExcluding":"11.6.0.3","matchCriteriaId":"670E1622-32D4-45D0-A05E-9A3F76CC0F15"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"11.7","versionEndExcluding":"11.7.3","matchCriteriaId":"217D7CA5-49E9-4805-A2F6-32EC75F6EE91"}]}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-54887.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Vendor Advisory"]},{"url":"https://github.com/erlang/otp/commit/888e3bcd72d5406016b9e0de741026bc2a6f114d","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/security/advisories/GHSA-p2m2-3c2w-8jp8","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Vendor Advisory"]},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-54887","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Third Party Advisory"]},{"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2026-54891","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-07-02T17:17:02.747","lastModified":"2026-07-07T14:46:21.213","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl (tls_gen_connection module) allows a network-positioned attacker to inject unauthenticated plaintext that the TLS client application later treats as authenticated server data.\n\nThe function tls_gen_connection:handle_protocol_record/3 rejects APPLICATION_DATA records that arrive in pre-handshake states when the TLS endpoint acts as a server, but does not apply the same check when the endpoint acts as a client. A network-positioned attacker can send plaintext APPLICATION_DATA records to the client during the handshake. The records are buffered and, once the handshake completes successfully, delivered to the application as if they were authenticated post-handshake data. The attacker cannot observe the client's response or steer the connection, so the impact is limited to blind injection of unauthenticated bytes. The injection window is wider for TLS versions prior to TLS 1.3 than for TLS 1.3.\n\nThis vulnerability is associated with program file lib/ssl/src/tls_gen_connection.erl.\n\nThis issue affects OTP from OTP 17.0 before 29.0.3, 28.5.0.3 and 27.3.4.14 corresponding to ssl from 5.3.4 before 11.7.3, 11.6.0.3 and 11.2.12.10. TLS 1.3 is affected starting with OTP 22.0, when TLS 1.3 support was added."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","packageName":"ssl","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["tls_gen_connection"],"programFiles":["src/tls_gen_connection.erl"],"programRoutines":[{"name":"tls_gen_connection:handle_protocol_record/3"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:otp/ssl?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp&vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git","versions":[{"version":"5.3.4","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"11.7.3","status":"unaffected"},{"at":"11.6.0.3","status":"unaffected"},{"at":"11.2.12.10","status":"unaffected"}]}]},{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"erlang/otp","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["tls_gen_connection"],"programFiles":["lib/ssl/src/tls_gen_connection.erl"],"programRoutines":[{"name":"tls_gen_connection:handle_protocol_record/3"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:github/erlang/otp","versions":[{"version":"17.0","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"29.0.3","status":"unaffected"},{"at":"28.5.0.3","status":"unaffected"},{"at":"27.3.4.14","status":"unaffected"}]},{"version":"84adefa331c4159d432d22840663c38f155cd4c1","lessThan":"07d2d0e93f6aaf7652a81e8df075fc1728da5e96","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T17:24:44.468465Z","id":"CVE-2026-54891","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-924"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0","versionEndExcluding":"27.3.4.14","matchCriteriaId":"863CA902-6EB1-46CB-BC52-22F3AC6B4A14"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"28.0","versionEndExcluding":"28.5.0.3","matchCriteriaId":"230E3EE3-6A18-4848-8E3D-DB0FAA8EDFDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"29.0","versionEndExcluding":"29.0.3","matchCriteriaId":"5D2D0C24-E302-48BF-9550-CCC7ABA24BED"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3.4","versionEndExcluding":"11.2.12.10","matchCriteriaId":"FF4A7DEF-7E28-4DDF-A40F-45AB902AB04F"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"11.3","versionEndExcluding":"11.6.0.3","matchCriteriaId":"670E1622-32D4-45D0-A05E-9A3F76CC0F15"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"11.7","versionEndExcluding":"11.7.3","matchCriteriaId":"217D7CA5-49E9-4805-A2F6-32EC75F6EE91"}]}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-54891.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Vendor Advisory"]},{"url":"https://github.com/erlang/otp/commit/07d2d0e93f6aaf7652a81e8df075fc1728da5e96","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/security/advisories/GHSA-gf6r-99xw-6qg6","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Vendor Advisory"]},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-54891","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Third Party Advisory"]},{"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2026-55950","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-07-02T17:17:02.910","lastModified":"2026-07-07T14:45:59.213","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl (dtls_packet_demux module) allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener.\n\nA DTLS server listener uses a single shared dtls_packet_demux gen_server process to route incoming UDP datagrams to the correct connection handler. When a DTLS client reconnects rapidly from the same source address and port (sending multiple ClientHello messages in quick succession), a race condition in the demux's internal gb_trees key-value store causes a {key_exists, {old, Client}} crash, terminating the demux process. Because the demux is shared across all DTLS associations on that listener, its crash immediately kills every active DTLS session, not just the attacker's.\n\nThe attack is pre-authentication: the attacker only needs to send UDP datagrams containing valid ClientHello messages from the same source IP and port before the intermediate DOWN monitor message is processed by the gen_server. No credentials, no completed handshake, and no special configuration are required, and the crash can be repeated indefinitely to create a persistent denial of service for all clients of that listener.\n\nThis vulnerability is associated with program file lib/ssl/src/dtls_packet_demux.erl.\n\nThis issue affects OTP from OTP 25.3 before 29.0.3, 28.5.0.3, and 27.3.4.14 corresponding to ssl from 10.9 before 11.7.3, 11.6.0.3, and 11.2.12.10."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","packageName":"ssl","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["dtls_packet_demux"],"programFiles":["src/dtls_packet_demux.erl"],"programRoutines":[{"name":"dtls_packet_demux:handle_call/3"},{"name":"dtls_packet_demux:handle_info/2"},{"name":"dtls_packet_demux:new_connection/2"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:otp/ssl?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp&vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git","versions":[{"version":"10.9","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"11.7.3","status":"unaffected"},{"at":"11.6.0.3","status":"unaffected"},{"at":"11.2.12.10","status":"unaffected"}]}]},{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"erlang/otp","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["dtls_packet_demux"],"programFiles":["lib/ssl/src/dtls_packet_demux.erl"],"programRoutines":[{"name":"dtls_packet_demux:handle_call/3"},{"name":"dtls_packet_demux:handle_info/2"},{"name":"dtls_packet_demux:new_connection/2"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:github/erlang/otp","versions":[{"version":"25.3","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"29.0.3","status":"unaffected"},{"at":"28.5.0.3","status":"unaffected"},{"at":"27.3.4.14","status":"unaffected"}]},{"version":"44dcb4c3d900777493ce2a6129f451aa475811f9","lessThan":"e44d2bf01c4473ef2ea7f09e3523cf96de6e4a04","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T17:25:47.169172Z","id":"CVE-2026-55950","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"25.3","versionEndExcluding":"27.3.4.14","matchCriteriaId":"6C582A53-04F6-4606-9FC5-191C948E4890"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"28.0","versionEndExcluding":"28.5.0.3","matchCriteriaId":"230E3EE3-6A18-4848-8E3D-DB0FAA8EDFDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"29.0","versionEndExcluding":"29.0.3","matchCriteriaId":"5D2D0C24-E302-48BF-9550-CCC7ABA24BED"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"10.9","versionEndExcluding":"11.2.12.10","matchCriteriaId":"B28E54A4-DCFD-4B62-A526-8A3EEE07B3F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"11.3","versionEndExcluding":"11.6.0.3","matchCriteriaId":"670E1622-32D4-45D0-A05E-9A3F76CC0F15"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"11.7","versionEndExcluding":"11.7.3","matchCriteriaId":"217D7CA5-49E9-4805-A2F6-32EC75F6EE91"}]}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-55950.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Vendor Advisory"]},{"url":"https://github.com/erlang/otp/commit/e44d2bf01c4473ef2ea7f09e3523cf96de6e4a04","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/security/advisories/GHSA-hwfc-5hf4-gvr3","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Vendor Advisory"]},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-55950","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Third Party Advisory"]},{"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2026-55952","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-07-02T17:17:03.067","lastModified":"2026-07-07T14:44:47.327","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler. In tls_handshake_1_3:handle_pre_shared_key/3, an OfferedPreSharedKeys record with a mismatched number of identities and binders is forwarded directly to tls_server_session_ticket:use/4, which crashes the session ticket handler process.\n\nAn unauthenticated remote attacker can send a single crafted ClientHello to a TLS 1.3 server with session tickets enabled (stateful or stateless mode) and permanently disrupt session ticket handling on that listener. New TLS 1.3 handshakes complete but subsequently crash when the server attempts to issue a session ticket, effectively making TLS 1.3 unusable on the affected listener until the ssl application is restarted. TLS 1.2 connections are not affected.\n\nThis issue affects OTP from 22.2 before 29.0.3, 28.5.0.3 and 27.3.4.14 corresponding to ssl from 9.5 before 11.7.3, 11.6.0.3 and 11.2.12.10."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","packageName":"ssl","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["tls_handshake_1_3"],"programFiles":["src/tls_handshake_1_3.erl"],"programRoutines":[{"name":"tls_handshake_1_3:handle_pre_shared_key/3"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:otp/ssl?repository_url=https:%2F%2Fgithub.com%2Ferlang%2Fotp&vcs_url=git%20https:%2F%2Fgithub.com%2Ferlang%2Fotp.git","versions":[{"version":"9.5","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"11.7.3","status":"unaffected"},{"at":"11.6.0.3","status":"unaffected"},{"at":"11.2.12.10","status":"unaffected"}]}]},{"vendor":"Erlang","product":"OTP","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"erlang/otp","cpes":["cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*"],"modules":["tls_handshake_1_3"],"programFiles":["lib/ssl/src/tls_handshake_1_3.erl"],"programRoutines":[{"name":"tls_handshake_1_3:handle_pre_shared_key/3"}],"repo":"https://github.com/erlang/otp","packageURL":"pkg:github/erlang/otp","versions":[{"version":"22.2","lessThan":"*","versionType":"otp","status":"affected","changes":[{"at":"29.0.3","status":"unaffected"},{"at":"28.5.0.3","status":"unaffected"},{"at":"27.3.4.14","status":"unaffected"}]},{"version":"339a279f02ce38a7b23010e56000613e19abb21f","lessThan":"*","versionType":"git","status":"affected","changes":[{"at":"e77823e6d980b2ec0b4fe4ea3f2d098ca239e3ce","status":"unaffected"},{"at":"2c3e599797644310e5d4aa39c7193420e59dadff","status":"unaffected"},{"at":"9b5437c72fa3403a75c1aba28e5c532bc191c662","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T17:28:09.569991Z","id":"CVE-2026-55952","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-1284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"22.2","versionEndExcluding":"27.3.4.14","matchCriteriaId":"B6121E70-2794-46A4-A282-817CC75FA8CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"28.0","versionEndExcluding":"28.5.0.3","matchCriteriaId":"230E3EE3-6A18-4848-8E3D-DB0FAA8EDFDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*","versionStartIncluding":"29.0","versionEndExcluding":"29.0.3","matchCriteriaId":"5D2D0C24-E302-48BF-9550-CCC7ABA24BED"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"9.5","versionEndExcluding":"11.2.12.10","matchCriteriaId":"04922CED-B13F-4CA5-A700-D96B6C589324"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"11.3","versionEndExcluding":"11.6.0.3","matchCriteriaId":"670E1622-32D4-45D0-A05E-9A3F76CC0F15"},{"vulnerable":true,"criteria":"cpe:2.3:a:erlang:erlang\\/ssl:*:*:*:*:*:*:*:*","versionStartIncluding":"11.7","versionEndExcluding":"11.7.3","matchCriteriaId":"217D7CA5-49E9-4805-A2F6-32EC75F6EE91"}]}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-55952.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Mitigation","Vendor Advisory"]},{"url":"https://github.com/erlang/otp/commit/2c3e599797644310e5d4aa39c7193420e59dadff","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/commit/9b5437c72fa3403a75c1aba28e5c532bc191c662","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/commit/e77823e6d980b2ec0b4fe4ea3f2d098ca239e3ce","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/erlang/otp/security/advisories/GHSA-8c57-44c9-pc59","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Vendor Advisory"]},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-55952","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Mitigation","Third Party Advisory"]},{"url":"https://www.erlang.org/doc/system/versions.html#order-of-versions","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2025-71385","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-02T20:17:00.420","lastModified":"2026-07-07T17:31:58.280","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document (into a text element) without HTML or XML escaping, and serves the response with Content-Type image/svg+xml. An attacker can craft a URL such as /api/v2/ilove.svg?love=<script>...</script>; when a victim navigates to it the injected script executes in the victim browser in the origin of the Netdata instance (reflected cross-site scripting). These endpoints are registered with HTTP_ACL_NOCHECK and anonymous access and, because bearer-token protection is disabled by default, are reachable without authentication on a default Netdata agent. The issue was resolved by removing the ilove endpoint."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"netdata","product":"netdata","defaultStatus":"unaffected","repo":"https://github.com/netdata/netdata","versions":[{"version":"0","lessThan":"2.3.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:38:23.674546Z","id":"CVE-2025-71385","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netdata:netdata:*:*:*:*:*:*:*:*","versionEndExcluding":"2.3.1","matchCriteriaId":"E63D0660-D777-4826-AFCE-2E4C8EB209FD"}]}]}],"references":[{"url":"https://github.com/netdata/netdata/commit/f82554fe9b21b5ae51a8663a3f4ddce84cac16af","source":"disclosure@vulncheck.com","tags":["Patch"]},{"url":"https://github.com/netdata/netdata/pull/19919","source":"disclosure@vulncheck.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/netdata/netdata/releases/tag/v2.3.1","source":"disclosure@vulncheck.com","tags":["Product","Release Notes"]},{"url":"https://www.vulncheck.com/advisories/netdata-reflected-cross-site-scripting-via-love-parameter-in-ilove-svg-endpoint","source":"disclosure@vulncheck.com","tags":["Patch","Release Notes","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-59093","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-02T20:17:07.410","lastModified":"2026-07-07T16:14:10.787","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Weaviate before 1.38.0 does not verify that a principal performing an RBAC role assignment holds the permissions granted by the assigned role. The assignRoleToUser and assignRoleToGroup handlers (POST /authz/users/{id}/assign and /authz/groups/{id}/assign) authorize only that the caller may assign roles to the target user or group, not the permissions contained in the assigned roles, unlike role creation which enforces that a user can only create roles with permissions less than or equal to its own. A user holding only the delegated assign_and_revoke_users or assign_and_revoke_groups permission can assign the built-in admin role, or any high-privilege custom role, to itself or others, escalating to full administrative control of the database."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"weaviate","product":"weaviate","defaultStatus":"unaffected","repo":"https://github.com/weaviate/weaviate","versions":[{"version":"0","lessThan":"1.38.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T12:26:29.214163Z","id":"CVE-2026-59093","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:weaviate:weaviate:*:*:*:*:*:*:*:*","versionEndExcluding":"1.38.0","matchCriteriaId":"90A39FDE-81A0-4CE7-A629-D4096DFCDAC4"}]}]}],"references":[{"url":"https://github.com/weaviate/weaviate/commit/2c75f6fb217631f7751c4b2a7d37a488cef13edb","source":"disclosure@vulncheck.com","tags":["Patch"]},{"url":"https://github.com/weaviate/weaviate/pull/11493","source":"disclosure@vulncheck.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/weaviate/weaviate/releases/tag/v1.38.0","source":"disclosure@vulncheck.com","tags":["Product","Release Notes"]},{"url":"https://www.vulncheck.com/advisories/weaviate-privilege-escalation-via-unchecked-permissions-in-rbac-role-assignment","source":"disclosure@vulncheck.com","tags":["Patch","Release Notes","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-26145","sourceIdentifier":"secure@microsoft.com","published":"2026-07-02T23:16:49.813","lastModified":"2026-07-07T14:27:00.440","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"secure@microsoft.com","tags":["exclusively-hosted-service"]}],"descriptions":[{"lang":"en","value":"Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Azure Synapse","versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-26145","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:azure_synapse:-:*:*:*:*:*:*:*","matchCriteriaId":"A4AE1B8F-819C-41A4-AEFA-7A94CBDCCFF3"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26145","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-41106","sourceIdentifier":"secure@microsoft.com","published":"2026-07-02T23:16:50.867","lastModified":"2026-07-07T14:24:12.110","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"secure@microsoft.com","tags":["exclusively-hosted-service"]}],"descriptions":[{"lang":"en","value":"Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Copilot","versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-41106","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_copilot:-:*:*:*:*:*:*:*","matchCriteriaId":"E4A390D9-7457-430A-82CC-A24DA275BF06"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41106","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45499","sourceIdentifier":"secure@microsoft.com","published":"2026-07-02T23:16:51.003","lastModified":"2026-07-07T14:04:54.607","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"secure@microsoft.com","tags":["exclusively-hosted-service"]}],"descriptions":[{"lang":"en","value":"Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Azure Open AI","versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-45499","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:azure_openai:-:*:*:*:*:*:*:*","matchCriteriaId":"D1EE6399-239E-479B-A473-B37ECEB110E7"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45499","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-10536","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2026-07-03T07:16:23.563","lastModified":"2026-07-07T18:02:03.890","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free vulnerability exists in libcurl when an application\nconfigures an HTTP/2 stream-dependency tree via `CURLOPT_STREAM_DEPENDS` or\n`CURLOPT_STREAM_DEPENDS_E`, subsequently invokes `curl_easy_reset()`, and\nfinally terminates the handle with `curl_easy_cleanup()`. During this final\ncleanup phase, libcurl attempts to access and modify an internal structure\nthat was already freed during the reset operation."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.20.0","lessThanOrEqual":"8.20.0","versionType":"semver","status":"affected"},{"version":"8.19.0","lessThanOrEqual":"8.19.0","versionType":"semver","status":"affected"},{"version":"8.18.0","lessThanOrEqual":"8.18.0","versionType":"semver","status":"affected"},{"version":"8.17.0","lessThanOrEqual":"8.17.0","versionType":"semver","status":"affected"},{"version":"8.16.0","lessThanOrEqual":"8.16.0","versionType":"semver","status":"affected"},{"version":"8.15.0","lessThanOrEqual":"8.15.0","versionType":"semver","status":"affected"},{"version":"8.14.1","lessThanOrEqual":"8.14.1","versionType":"semver","status":"affected"},{"version":"8.14.0","lessThanOrEqual":"8.14.0","versionType":"semver","status":"affected"},{"version":"8.13.0","lessThanOrEqual":"8.13.0","versionType":"semver","status":"affected"},{"version":"8.12.1","lessThanOrEqual":"8.12.1","versionType":"semver","status":"affected"},{"version":"8.12.0","lessThanOrEqual":"8.12.0","versionType":"semver","status":"affected"},{"version":"8.11.1","lessThanOrEqual":"8.11.1","versionType":"semver","status":"affected"},{"version":"8.11.0","lessThanOrEqual":"8.11.0","versionType":"semver","status":"affected"},{"version":"8.10.1","lessThanOrEqual":"8.10.1","versionType":"semver","status":"affected"},{"version":"8.10.0","lessThanOrEqual":"8.10.0","versionType":"semver","status":"affected"},{"version":"8.9.1","lessThanOrEqual":"8.9.1","versionType":"semver","status":"affected"},{"version":"8.9.0","lessThanOrEqual":"8.9.0","versionType":"semver","status":"affected"},{"version":"8.8.0","lessThanOrEqual":"8.8.0","versionType":"semver","status":"affected"},{"version":"8.7.1","lessThanOrEqual":"8.7.1","versionType":"semver","status":"affected"},{"version":"8.7.0","lessThanOrEqual":"8.7.0","versionType":"semver","status":"affected"},{"version":"8.6.0","lessThanOrEqual":"8.6.0","versionType":"semver","status":"affected"},{"version":"8.5.0","lessThanOrEqual":"8.5.0","versionType":"semver","status":"affected"},{"version":"8.4.0","lessThanOrEqual":"8.4.0","versionType":"semver","status":"affected"},{"version":"8.3.0","lessThanOrEqual":"8.3.0","versionType":"semver","status":"affected"},{"version":"8.2.1","lessThanOrEqual":"8.2.1","versionType":"semver","status":"affected"},{"version":"8.2.0","lessThanOrEqual":"8.2.0","versionType":"semver","status":"affected"},{"version":"8.1.2","lessThanOrEqual":"8.1.2","versionType":"semver","status":"affected"},{"version":"8.1.1","lessThanOrEqual":"8.1.1","versionType":"semver","status":"affected"},{"version":"8.1.0","lessThanOrEqual":"8.1.0","versionType":"semver","status":"affected"},{"version":"8.0.1","lessThanOrEqual":"8.0.1","versionType":"semver","status":"affected"},{"version":"8.0.0","lessThanOrEqual":"8.0.0","versionType":"semver","status":"affected"},{"version":"7.88.1","lessThanOrEqual":"7.88.1","versionType":"semver","status":"affected"},{"version":"7.88.0","lessThanOrEqual":"7.88.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:28:36.822614Z","id":"CVE-2026-10536","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"7.88.0","versionEndExcluding":"8.21.0","matchCriteriaId":"1088DD7B-0C10-4992-83C7-66931BB8F297"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2026-10536.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Patch","Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2026-10536.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/3751697","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3751697","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-11352","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2026-07-03T07:16:23.693","lastModified":"2026-07-07T18:01:19.013","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server\nto trigger a remote denial of service against a curl or libcurl client.\nBecause the helper function discards zero-length UDP datagrams before counting\nthem toward the per-call packet budget, a connected QUIC peer can continuously\nstream empty datagrams to indefinitely stall the client."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.20.0","lessThanOrEqual":"8.20.0","versionType":"semver","status":"affected"},{"version":"8.19.0","lessThanOrEqual":"8.19.0","versionType":"semver","status":"affected"},{"version":"8.18.0","lessThanOrEqual":"8.18.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:26:03.249042Z","id":"CVE-2026-11352","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"8.18.0","versionEndExcluding":"8.21.0","matchCriteriaId":"6EF934FA-9E74-432D-A41E-157D65C6B539"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2026-11352.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Patch","Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2026-11352.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/3783438","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3783438","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-11564","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2026-07-03T07:16:23.790","lastModified":"2026-07-07T18:00:35.840","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"libcurl keeps previously used connections in a connection pool for subsequent\ntransfers to reuse if one of them matches the setup.\n\nAn easy handle that first uses default native CA trust can continue trusting\nthe native platform store after the application switches that same handle to\ncustom CA material for a later transfer."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.20.0","lessThanOrEqual":"8.20.0","versionType":"semver","status":"affected"},{"version":"8.19.0","lessThanOrEqual":"8.19.0","versionType":"semver","status":"affected"},{"version":"8.18.0","lessThanOrEqual":"8.18.0","versionType":"semver","status":"affected"},{"version":"8.17.0","lessThanOrEqual":"8.17.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T17:09:36.356822Z","id":"CVE-2026-11564","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"8.17.0","versionEndExcluding":"8.21.0","matchCriteriaId":"B5728866-C386-4BA5-835D-792BAE02DE29"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2026-11564.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Patch","Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2026-11564.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/3788984","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3788984","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-11586","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2026-07-03T07:16:23.883","lastModified":"2026-07-07T17:59:46.920","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"By default, curl automatically responds to WebSocket PING frames. Because curl\nlacks an upper bound on memory allocation for unacknowledged frames, a\nmalicious server can exhaust all available memory by flooding curl with rapid,\nsequential PING messages."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.20.0","lessThanOrEqual":"8.20.0","versionType":"semver","status":"affected"},{"version":"8.19.0","lessThanOrEqual":"8.19.0","versionType":"semver","status":"affected"},{"version":"8.18.0","lessThanOrEqual":"8.18.0","versionType":"semver","status":"affected"},{"version":"8.17.0","lessThanOrEqual":"8.17.0","versionType":"semver","status":"affected"},{"version":"8.16.0","lessThanOrEqual":"8.16.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:16:22.568075Z","id":"CVE-2026-11586","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"8.16.0","versionEndExcluding":"8.21.0","matchCriteriaId":"0A8E28F3-30D3-4A58-9845-680E41079A9C"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2026-11586.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Patch","Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2026-11586.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/3788931","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-9079","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2026-07-03T07:16:25.620","lastModified":"2026-07-07T15:05:55.933","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"libcurl had a flaw that when instructed to clear proxy authentication\ncredentials which made it not do so, leaving the old credentials around to get\nused for subsequent transfers that should not know nor use them."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.20.0","lessThanOrEqual":"8.20.0","versionType":"semver","status":"affected"},{"version":"8.19.0","lessThanOrEqual":"8.19.0","versionType":"semver","status":"affected"},{"version":"8.18.0","lessThanOrEqual":"8.18.0","versionType":"semver","status":"affected"},{"version":"8.17.0","lessThanOrEqual":"8.17.0","versionType":"semver","status":"affected"},{"version":"8.16.0","lessThanOrEqual":"8.16.0","versionType":"semver","status":"affected"},{"version":"8.15.0","lessThanOrEqual":"8.15.0","versionType":"semver","status":"affected"},{"version":"8.14.1","lessThanOrEqual":"8.14.1","versionType":"semver","status":"affected"},{"version":"8.14.0","lessThanOrEqual":"8.14.0","versionType":"semver","status":"affected"},{"version":"8.13.0","lessThanOrEqual":"8.13.0","versionType":"semver","status":"affected"},{"version":"8.12.1","lessThanOrEqual":"8.12.1","versionType":"semver","status":"affected"},{"version":"8.12.0","lessThanOrEqual":"8.12.0","versionType":"semver","status":"affected"},{"version":"8.11.1","lessThanOrEqual":"8.11.1","versionType":"semver","status":"affected"},{"version":"8.11.0","lessThanOrEqual":"8.11.0","versionType":"semver","status":"affected"},{"version":"8.10.1","lessThanOrEqual":"8.10.1","versionType":"semver","status":"affected"},{"version":"8.10.0","lessThanOrEqual":"8.10.0","versionType":"semver","status":"affected"},{"version":"8.9.1","lessThanOrEqual":"8.9.1","versionType":"semver","status":"affected"},{"version":"8.9.0","lessThanOrEqual":"8.9.0","versionType":"semver","status":"affected"},{"version":"8.8.0","lessThanOrEqual":"8.8.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:49:15.639683Z","id":"CVE-2026-9079","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"8.8.0","versionEndExcluding":"8.21.0","matchCriteriaId":"9238ECE6-3CA5-48A9-B558-DF2BC6CE04AD"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2026-9079.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Patch","Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2026-9079.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/3750295","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3750295","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-9080","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2026-07-03T07:16:25.713","lastModified":"2026-07-07T15:05:26.530","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Calling `curl_easy_pause()` within the event-based `CURLMOPT_SOCKETFUNCTION`\ncallback triggers a use-after-free vulnerability, where libcurl attempts to\nstore a flag using a dangling struct pointer immediately after that pointer's\nmemory has been freed."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.20.0","lessThanOrEqual":"8.20.0","versionType":"semver","status":"affected"},{"version":"8.19.0","lessThanOrEqual":"8.19.0","versionType":"semver","status":"affected"},{"version":"8.18.0","lessThanOrEqual":"8.18.0","versionType":"semver","status":"affected"},{"version":"8.17.0","lessThanOrEqual":"8.17.0","versionType":"semver","status":"affected"},{"version":"8.16.0","lessThanOrEqual":"8.16.0","versionType":"semver","status":"affected"},{"version":"8.15.0","lessThanOrEqual":"8.15.0","versionType":"semver","status":"affected"},{"version":"8.14.1","lessThanOrEqual":"8.14.1","versionType":"semver","status":"affected"},{"version":"8.14.0","lessThanOrEqual":"8.14.0","versionType":"semver","status":"affected"},{"version":"8.13.0","lessThanOrEqual":"8.13.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:54:41.919630Z","id":"CVE-2026-9080","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"8.13.0","versionEndExcluding":"8.21.0","matchCriteriaId":"C87B09EB-4326-4209-9055-93BEE0676194"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2026-9080.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Patch","Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2026-9080.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/3749204","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3749204","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-9545","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2026-07-03T07:16:25.807","lastModified":"2026-07-07T15:03:56.920","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In this scenario, libcurl first uses a proper HTTP/3 server for the initial\ntransfers, and when it makes a second transfer to the same site it has been\nreplaced by the attacker's impostor machine - without a valid certificate.\n\nWhen libcurl returns to the hostname the second time with a cached SSL session\n(`CURLOPT_SSL_SESSIONID_CACHE` is not disabled) and early data enabled (the\n`CURLSSLOPT_EARLYDATA` bit is set in `CURLOPT_SSL_OPTIONS`), libcurl might\nsend off the second request's bytes on that new connection *before* enforcing\nthe certificate verification failure. Potentially leaking sensitive\ninformation."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.20.0","lessThanOrEqual":"8.20.0","versionType":"semver","status":"affected"},{"version":"8.19.0","lessThanOrEqual":"8.19.0","versionType":"semver","status":"affected"},{"version":"8.18.0","lessThanOrEqual":"8.18.0","versionType":"semver","status":"affected"},{"version":"8.17.0","lessThanOrEqual":"8.17.0","versionType":"semver","status":"affected"},{"version":"8.16.0","lessThanOrEqual":"8.16.0","versionType":"semver","status":"affected"},{"version":"8.15.0","lessThanOrEqual":"8.15.0","versionType":"semver","status":"affected"},{"version":"8.14.1","lessThanOrEqual":"8.14.1","versionType":"semver","status":"affected"},{"version":"8.14.0","lessThanOrEqual":"8.14.0","versionType":"semver","status":"affected"},{"version":"8.13.0","lessThanOrEqual":"8.13.0","versionType":"semver","status":"affected"},{"version":"8.12.1","lessThanOrEqual":"8.12.1","versionType":"semver","status":"affected"},{"version":"8.12.0","lessThanOrEqual":"8.12.0","versionType":"semver","status":"affected"},{"version":"8.11.1","lessThanOrEqual":"8.11.1","versionType":"semver","status":"affected"},{"version":"8.11.0","lessThanOrEqual":"8.11.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:52:42.898546Z","id":"CVE-2026-9545","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"8.11.0","versionEndExcluding":"8.21.0","matchCriteriaId":"C6D1007D-3E09-4D44-993A-9ACC2316FD0A"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2026-9545.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Patch","Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2026-9545.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/3752888","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3752888","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-9546","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2026-07-03T07:16:25.893","lastModified":"2026-07-07T14:53:26.517","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in libcurl caused the HTTP `Referer:` header to persist even\nwhen explicitly cleared. While the documentation states that passing NULL to\n`CURLOPT_REFERER` suppresses the header, the option failed to clear the\ninternal state. As a result the previous referrer string was erroneously\nreused and sent in subsequent requests, potentially leaking sensitive\ninformation to unintended servers."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.20.0","lessThanOrEqual":"8.20.0","versionType":"semver","status":"affected"},{"version":"8.19.0","lessThanOrEqual":"8.19.0","versionType":"semver","status":"affected"},{"version":"8.18.0","lessThanOrEqual":"8.18.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:51:06.094113Z","id":"CVE-2026-9546","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"8.18.0","versionEndExcluding":"8.21.0","matchCriteriaId":"6EF934FA-9E74-432D-A41E-157D65C6B539"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2026-9546.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Patch","Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2026-9546.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Third Party Advisory"]},{"url":"https://hackerone.com/reports/3754343","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3754343","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-9547","sourceIdentifier":"2499f714-1537-4658-8207-48ae4bb9eae9","published":"2026-07-03T07:16:25.990","lastModified":"2026-07-07T14:52:29.503","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When a libcurl-based application performs transfers via `SCP://` or `SFTP://`\nand utilizes the `CURLOPT_SSH_KEYFUNCTION` callback, it may silently accept an\nuntrusted server. This vulnerability occurs when a server presents a host key\ntype that does not match the specific key type already recorded for that host\nin the `known_hosts` file. Instead of rejecting the mismatch, the callback\nmechanism fails to properly enforce the restriction, allowing the connection\nto succeed without warning and risking a potential man-in-the-middle attack."}],"affected":[{"source":"2499f714-1537-4658-8207-48ae4bb9eae9","affectedData":[{"vendor":"curl","product":"curl","defaultStatus":"unaffected","versions":[{"version":"8.20.0","lessThanOrEqual":"8.20.0","versionType":"semver","status":"affected"},{"version":"8.19.0","lessThanOrEqual":"8.19.0","versionType":"semver","status":"affected"},{"version":"8.18.0","lessThanOrEqual":"8.18.0","versionType":"semver","status":"affected"},{"version":"8.17.0","lessThanOrEqual":"8.17.0","versionType":"semver","status":"affected"},{"version":"8.16.0","lessThanOrEqual":"8.16.0","versionType":"semver","status":"affected"},{"version":"8.15.0","lessThanOrEqual":"8.15.0","versionType":"semver","status":"affected"},{"version":"8.14.1","lessThanOrEqual":"8.14.1","versionType":"semver","status":"affected"},{"version":"8.14.0","lessThanOrEqual":"8.14.0","versionType":"semver","status":"affected"},{"version":"8.13.0","lessThanOrEqual":"8.13.0","versionType":"semver","status":"affected"},{"version":"8.12.1","lessThanOrEqual":"8.12.1","versionType":"semver","status":"affected"},{"version":"8.12.0","lessThanOrEqual":"8.12.0","versionType":"semver","status":"affected"},{"version":"8.11.1","lessThanOrEqual":"8.11.1","versionType":"semver","status":"affected"},{"version":"8.11.0","lessThanOrEqual":"8.11.0","versionType":"semver","status":"affected"},{"version":"8.10.1","lessThanOrEqual":"8.10.1","versionType":"semver","status":"affected"},{"version":"8.10.0","lessThanOrEqual":"8.10.0","versionType":"semver","status":"affected"},{"version":"8.9.1","lessThanOrEqual":"8.9.1","versionType":"semver","status":"affected"},{"version":"8.9.0","lessThanOrEqual":"8.9.0","versionType":"semver","status":"affected"},{"version":"8.8.0","lessThanOrEqual":"8.8.0","versionType":"semver","status":"affected"},{"version":"8.7.1","lessThanOrEqual":"8.7.1","versionType":"semver","status":"affected"},{"version":"8.7.0","lessThanOrEqual":"8.7.0","versionType":"semver","status":"affected"},{"version":"8.6.0","lessThanOrEqual":"8.6.0","versionType":"semver","status":"affected"},{"version":"8.5.0","lessThanOrEqual":"8.5.0","versionType":"semver","status":"affected"},{"version":"8.4.0","lessThanOrEqual":"8.4.0","versionType":"semver","status":"affected"},{"version":"8.3.0","lessThanOrEqual":"8.3.0","versionType":"semver","status":"affected"},{"version":"8.2.1","lessThanOrEqual":"8.2.1","versionType":"semver","status":"affected"},{"version":"8.2.0","lessThanOrEqual":"8.2.0","versionType":"semver","status":"affected"},{"version":"8.1.2","lessThanOrEqual":"8.1.2","versionType":"semver","status":"affected"},{"version":"8.1.1","lessThanOrEqual":"8.1.1","versionType":"semver","status":"affected"},{"version":"8.1.0","lessThanOrEqual":"8.1.0","versionType":"semver","status":"affected"},{"version":"8.0.1","lessThanOrEqual":"8.0.1","versionType":"semver","status":"affected"},{"version":"8.0.0","lessThanOrEqual":"8.0.0","versionType":"semver","status":"affected"},{"version":"7.88.1","lessThanOrEqual":"7.88.1","versionType":"semver","status":"affected"},{"version":"7.88.0","lessThanOrEqual":"7.88.0","versionType":"semver","status":"affected"},{"version":"7.87.0","lessThanOrEqual":"7.87.0","versionType":"semver","status":"affected"},{"version":"7.86.0","lessThanOrEqual":"7.86.0","versionType":"semver","status":"affected"},{"version":"7.85.0","lessThanOrEqual":"7.85.0","versionType":"semver","status":"affected"},{"version":"7.84.0","lessThanOrEqual":"7.84.0","versionType":"semver","status":"affected"},{"version":"7.83.1","lessThanOrEqual":"7.83.1","versionType":"semver","status":"affected"},{"version":"7.83.0","lessThanOrEqual":"7.83.0","versionType":"semver","status":"affected"},{"version":"7.82.0","lessThanOrEqual":"7.82.0","versionType":"semver","status":"affected"},{"version":"7.81.0","lessThanOrEqual":"7.81.0","versionType":"semver","status":"affected"},{"version":"7.80.0","lessThanOrEqual":"7.80.0","versionType":"semver","status":"affected"},{"version":"7.79.1","lessThanOrEqual":"7.79.1","versionType":"semver","status":"affected"},{"version":"7.79.0","lessThanOrEqual":"7.79.0","versionType":"semver","status":"affected"},{"version":"7.78.0","lessThanOrEqual":"7.78.0","versionType":"semver","status":"affected"},{"version":"7.77.0","lessThanOrEqual":"7.77.0","versionType":"semver","status":"affected"},{"version":"7.76.1","lessThanOrEqual":"7.76.1","versionType":"semver","status":"affected"},{"version":"7.76.0","lessThanOrEqual":"7.76.0","versionType":"semver","status":"affected"},{"version":"7.75.0","lessThanOrEqual":"7.75.0","versionType":"semver","status":"affected"},{"version":"7.74.0","lessThanOrEqual":"7.74.0","versionType":"semver","status":"affected"},{"version":"7.73.0","lessThanOrEqual":"7.73.0","versionType":"semver","status":"affected"},{"version":"7.72.0","lessThanOrEqual":"7.72.0","versionType":"semver","status":"affected"},{"version":"7.71.1","lessThanOrEqual":"7.71.1","versionType":"semver","status":"affected"},{"version":"7.71.0","lessThanOrEqual":"7.71.0","versionType":"semver","status":"affected"},{"version":"7.70.0","lessThanOrEqual":"7.70.0","versionType":"semver","status":"affected"},{"version":"7.69.1","lessThanOrEqual":"7.69.1","versionType":"semver","status":"affected"},{"version":"7.69.0","lessThanOrEqual":"7.69.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:47:32.456534Z","id":"CVE-2026-9547","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","versionStartIncluding":"7.69.0","versionEndExcluding":"8.21.0","matchCriteriaId":"384FD0B4-826D-4A6C-9F78-BC25B9039011"}]}]}],"references":[{"url":"https://curl.se/docs/CVE-2026-9547.html","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Patch","Vendor Advisory"]},{"url":"https://curl.se/docs/CVE-2026-9547.json","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Vendor Advisory"]},{"url":"https://hackerone.com/reports/3751712","source":"2499f714-1537-4658-8207-48ae4bb9eae9","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://hackerone.com/reports/3751712","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-14620","sourceIdentifier":"ce714d77-add3-4f53-aff5-83d477b104bb","published":"2026-07-03T17:16:53.620","lastModified":"2026-07-07T15:12:43.947","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"webpack-dev-server versions 5.2.5 and earlier expose two internal developer endpoints, /webpack-dev-server/open-editor and /webpack-dev-server/invalidate, that perform state-changing actions on any GET request without verifying that the request originated from the dev server's own page. Any website a developer visits while the dev server is running can trigger these endpoints cross-origin with no interaction beyond the visit. An attacker can open an arbitrary existing local file in the developer's editor, including files outside the project root, and repeated requests can spawn editor processes and force recompilations that degrade the developer's machine. Patches: upgrade to webpack-dev-server 5.2.6. Workarounds: none."}],"affected":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","affectedData":[{"vendor":"webpack-dev-server","product":"webpack-dev-server","defaultStatus":"unaffected","packageURL":"pkg:npm/webpack-dev-server","versions":[{"version":"0","lessThan":"5.2.6","versionType":"semver","status":"affected"},{"version":"5.2.6","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:54:37.670158Z","id":"CVE-2026-14620","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","description":[{"lang":"en","value":"CWE-352"},{"lang":"en","value":"CWE-749"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webpack.js:webpack-dev-server:*:*:*:*:*:*:*:*","versionEndExcluding":"5.2.6","matchCriteriaId":"18354AA3-AA9C-44CC-AC11-E305120D5261"}]}]}],"references":[{"url":"https://cna.openjsf.org/security-advisories.html","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Third Party Advisory"]},{"url":"https://github.com/webpack/webpack-dev-server/security/advisories/GHSA-f5vj-f2hx-8m93","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-14631","sourceIdentifier":"ce714d77-add3-4f53-aff5-83d477b104bb","published":"2026-07-03T18:16:24.687","lastModified":"2026-07-07T15:08:59.667","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"webpack-dev-server versions 5.2.5 and earlier terminate the whole Node.js process when an unauthenticated peer sends either a normal HTTP request with a malformed Host header or a WebSocket upgrade to the default /ws endpoint with a malformed Origin header. The malformed value causes an uncaught exception in the host-validation path and crashes the dev server. Impact is limited to availability of the development server, no data disclosure, no code execution. Patches: upgrade to webpack-dev-server 5.2.6. Workarounds: keep the dev server bound to localhost (the default) and do not expose it to untrusted networks."}],"affected":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","affectedData":[{"vendor":"webpack-dev-server","product":"webpack-dev-server","defaultStatus":"unaffected","packageURL":"pkg:npm/webpack-dev-server","versions":[{"version":"0","lessThan":"5.2.6","versionType":"semver","status":"affected"},{"version":"5.2.6","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:54:04.567228Z","id":"CVE-2026-14631","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-248"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webpack.js:webpack-dev-server:*:*:*:*:*:*:*:*","versionEndExcluding":"5.2.6","matchCriteriaId":"18354AA3-AA9C-44CC-AC11-E305120D5261"}]}]}],"references":[{"url":"https://cna.openjsf.org/security-advisories.html","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Third Party Advisory"]},{"url":"https://github.com/webpack/webpack-dev-server/security/advisories/GHSA-m28w-2pqf-7qgj","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Mitigation","Vendor Advisory","Patch"]}]}},{"cve":{"id":"CVE-2026-45488","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:00.183","lastModified":"2026-07-07T13:50:43.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T02:18:07.141975Z","id":"CVE-2026-45488","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-451"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"0C006CA1-F693-4B52-BC1A-A7B44979EAB8"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45488","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55945","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:00.550","lastModified":"2026-07-07T13:31:43.910","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Edge (Chromium-based) allows an authorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T12:37:16.525115Z","id":"CVE-2026-55945","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"0C006CA1-F693-4B52-BC1A-A7B44979EAB8"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55945","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-56645","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:00.670","lastModified":"2026-07-07T13:45:19.933","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-56645","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56645","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-56646","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:00.783","lastModified":"2026-07-07T13:44:42.013","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of sensitive information to an unauthorized actor in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:17:11.669950Z","id":"CVE-2026-56646","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56646","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57974","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:00.957","lastModified":"2026-07-07T13:43:32.083","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57974","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57974","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57975","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:01.077","lastModified":"2026-07-07T13:42:46.433","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57975","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57975","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57977","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:01.193","lastModified":"2026-07-07T13:14:18.280","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:32:26.892713Z","id":"CVE-2026-57977","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57977","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57981","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:01.313","lastModified":"2026-07-07T15:12:44.373","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57981","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"0C006CA1-F693-4B52-BC1A-A7B44979EAB8"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57981","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57983","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:01.433","lastModified":"2026-07-07T15:15:02.530","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57983","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"0C006CA1-F693-4B52-BC1A-A7B44979EAB8"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57983","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57984","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:01.550","lastModified":"2026-07-07T15:17:01.677","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57984","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"0C006CA1-F693-4B52-BC1A-A7B44979EAB8"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57984","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57985","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:01.663","lastModified":"2026-07-07T15:22:29.857","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57985","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"0C006CA1-F693-4B52-BC1A-A7B44979EAB8"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57985","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57986","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:01.780","lastModified":"2026-07-07T12:50:49.980","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57986","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57986","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57987","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:01.903","lastModified":"2026-07-07T12:44:32.567","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:29:44.480010Z","id":"CVE-2026-57987","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57987","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57988","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:02.023","lastModified":"2026-07-07T12:43:36.940","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57988","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57988","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57991","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:02.180","lastModified":"2026-07-07T12:43:02.303","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T11:31:12.247561Z","id":"CVE-2026-57991","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57991","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57992","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:02.310","lastModified":"2026-07-07T12:41:39.633","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57992","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57992","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58287","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:03.413","lastModified":"2026-07-07T12:40:42.487","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-58287","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58287","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58289","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:03.640","lastModified":"2026-07-07T12:40:04.297","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-58289","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58289","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58290","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:03.770","lastModified":"2026-07-07T14:16:33.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":5.3}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:55:38.605549Z","id":"CVE-2026-58290","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58290","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58292","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:04.013","lastModified":"2026-07-07T12:37:27.530","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":5.3}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-58292","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58292","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58293","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:04.143","lastModified":"2026-07-07T12:36:37.217","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-58293","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-73"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58293","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58294","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:04.293","lastModified":"2026-07-07T12:33:42.660","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-58294","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58294","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58295","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:04.417","lastModified":"2026-07-07T12:32:13.573","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:25:52.899779Z","id":"CVE-2026-58295","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58295","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58296","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:04.547","lastModified":"2026-07-07T14:49:01.677","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:16:33.996722Z","id":"CVE-2026-58296","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-359"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"0C006CA1-F693-4B52-BC1A-A7B44979EAB8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58296","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58297","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:04.663","lastModified":"2026-07-07T14:48:05.723","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:44:53.834884Z","id":"CVE-2026-58297","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-359"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"0C006CA1-F693-4B52-BC1A-A7B44979EAB8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58297","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58298","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:04.790","lastModified":"2026-07-07T14:50:40.517","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T02:19:59.403940Z","id":"CVE-2026-58298","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"48F2BF1A-3594-4AC0-B74D-FA7BF3259AC4"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58298","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58299","sourceIdentifier":"secure@microsoft.com","published":"2026-07-03T21:17:04.907","lastModified":"2026-07-07T14:42:37.003","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.48","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-58299","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.4078.48","matchCriteriaId":"0C006CA1-F693-4B52-BC1A-A7B44979EAB8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58299","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-14798","sourceIdentifier":"cna@vuldb.com","published":"2026-07-06T06:16:27.513","lastModified":"2026-07-07T15:16:43.057","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /apartment-visitor/visitor-entry.php. The manipulation of the argument visname leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used."},{"lang":"es","value":"Se ha identificado una vulnerabilidad en el sistema de gestión de visitantes de CodeAstro Apartment 1.0. Este problema afecta a un proceso desconocido del archivo /apartment-visitor/visitor-entry.php. La manipulación del argumento visname da lugar a una inyección SQL. El ataque puede iniciarse de forma remota. El código de explotación está disponible públicamente y podría utilizarse."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"CodeAstro","product":"Apartment Visitor Management System","cpes":["cpe:2.3:a:codeastro:apartment_visitor_management_system:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:58:52.114727Z","id":"CVE-2026-14798","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://codeastro.com/","source":"cna@vuldb.com"},{"url":"https://github.com/lilukun337/cve/issues/10","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-14798","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/850852","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376392","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376392/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-24012","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:35.037","lastModified":"2026-07-07T17:53:36.780","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Uncontrolled Resource Consumption vulnerability in Apache IoTDB. \n\nSome interface fails to impose reasonable\nlimits on the time span and aggregation interval of the query. An attacker\ncan construct a request with extreme parameters (e.g., a very large time\nrange combined with a minimal interval). This forces the DataNode to build\nan enormous result set in memory, which exhausts the Java heap and causes\nthe DataNode process to crash.\n\nThis issue affects Apache IoTDB: from 1.3.3 before 2.0.8.\n\nUsers are recommended to upgrade to version 2.0.8, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache IoTDB","defaultStatus":"unaffected","versions":[{"version":"1.3.3","lessThan":"2.0.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T12:59:08.459706Z","id":"CVE-2026-24012","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:iotdb:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.3","versionEndExcluding":"2.0.8","matchCriteriaId":"A5DB00CF-13B9-44F8-9F24-70DFE24EB18E"}]}]}],"references":[{"url":"https://lists.apache.org/thread/0g5th1t2vj6j8hm5t9w3xh9n6f6ht9z8","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/06/10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-24013","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:35.163","lastModified":"2026-07-07T17:50:26.877","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Authentication Bypass by Spoofing vulnerability in Apache IoTDB.\nCertain Thrift RPC query handlers lack strict validation of the sessionId\nparameter. An attacker can construct requests with a forged sessionId and,\nwithout performing openSession authentication, receive valid query results.\nThis allows authentication bypass and unauthorized reading of time-series\ndata.\n\n\nThis issue affects Apache IoTDB: from 1.3.3 before 2.0.8.\n\nUsers are recommended to upgrade to version 2.0.8, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache IoTDB","defaultStatus":"unaffected","versions":[{"version":"1.3.3","lessThan":"2.0.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:10:47.800876Z","id":"CVE-2026-24013","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:iotdb:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.3","versionEndExcluding":"2.0.8","matchCriteriaId":"A5DB00CF-13B9-44F8-9F24-70DFE24EB18E"}]}]}],"references":[{"url":"https://lists.apache.org/thread/6pwkgnqhbm56mvn309f87snm84s0b75y","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/06/11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-24014","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:35.270","lastModified":"2026-07-07T17:49:04.433","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Apache IoTDB DataNode’s internal RPC interface for creating Trigger instances uses the uploaded Trigger JAR name to build a file path without sufficient validation. If the internal DataNode RPC port is exposed to an untrusted network, an attacker may use path traversal sequences in the JAR name to write files outside the intended Trigger installation directory. This could allow arbitrary file write with the permissions of the IoTDB process.\n\nThis issue affects Apache IoTDB: from 1.3.3 before 2.0.8.\n\nUsers are recommended to upgrade to version 2.0.8, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache IoTDB","defaultStatus":"unaffected","versions":[{"version":"1.3.3","lessThan":"2.0.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:08:49.734562Z","id":"CVE-2026-24014","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-284"},{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:iotdb:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.3","versionEndExcluding":"2.0.8","matchCriteriaId":"A5DB00CF-13B9-44F8-9F24-70DFE24EB18E"}]}]}],"references":[{"url":"https://lists.apache.org/thread/38298f803gb5j9nlhf0l9zkf34o90h3m","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/06/12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-40859","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:35.520","lastModified":"2026-07-07T17:40:09.207","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Deserialization of Untrusted Data vulnerability in Apache Camel.\n\nThe camel-vertx-http component deserializes HTTP response bodies carrying the Content-Type application/x-java-serialized-object using a raw java.io.ObjectInputStream, without applying any ObjectInputFilter (VertxHttpHelper.deserializeJavaObjectFromStream) This deserialization path is reached only when the producer endpoint is configured with transferException=true (or the component-level allowJavaSerializedObject=true) and throwExceptionOnFailure is left at its default value of true; in that case a backend HTTP response with a 5xx status and the application/x-java-serialized-object content type has its body deserialized with no class restrictions. An attacker who controls the backend the Camel producer talks to - through a man-in-the-middle position on an unencrypted (plain HTTP) connection, or by compromising the backend service - can return a crafted serialized Java object and, if a suitable gadget chain is present on the classpath, achieve remote code execution on the Camel application host. The path is not reachable in the default configuration, where transferException is false.\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.20.0.\n\nUsers are recommended to upgrade to version 4.20.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. After upgrading, the deserialization performed by both helper utilities is constrained by a default ObjectInputFilter (allow-list java.**;javax.**;org.apache.camel.**;!*), which can be customised through the new deserializationFilter endpoint option or the JVM-wide -Djdk.serialFilter system property. For deployments that cannot upgrade immediately: do not enable transferException=true (or allowJavaSerializedObject=true) on producers that talk to untrusted or network-reachable backends; ensure producer connections use TLS (https) so that a response cannot be substituted by a man-in-the-middle; and, where the option is required, set an explicit -Djdk.serialFilter allow-list (for example java.**;org.apache.camel.**;!*) to constrain deserialization."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-vertx-http","versions":[{"version":"4.0.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.20.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:47:48.609198Z","id":"CVE-2026-40859","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:4.19.0:*:*:*:*:*:*:*","matchCriteriaId":"EDA4D206-8808-4D2A-873E-8488DD7E3E16"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-40859.html","source":"security@apache.org","tags":["Mitigation","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-15668","sourceIdentifier":"cna@vuldb.com","published":"2026-07-06T12:16:39.630","lastModified":"2026-07-07T15:16:41.887","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpd_del_entry of the file src/isomedia/box_code_base.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit is publicly available and might be used. The name of the patch is f29f955f2a3b5e8e507caad3e52319f961bf37bf. It is advisable to implement a patch to correct this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"n/a","product":"GPAC","cpes":["cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*"],"modules":["MP4Box"],"versions":[{"version":"b40ce70f5","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:02:34.286901Z","id":"CVE-2025-15668","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-122"}]}],"references":[{"url":"https://github.com/TimChan2001/pocs/raw/refs/heads/main/poc-gpac-0","source":"cna@vuldb.com"},{"url":"https://github.com/gpac/gpac/","source":"cna@vuldb.com"},{"url":"https://github.com/gpac/gpac/commit/f29f955f2a3b5e8e507caad3e52319f961bf37bf","source":"cna@vuldb.com"},{"url":"https://github.com/gpac/gpac/issues/3398","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2025-15668","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/846851","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376293","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376293/cti","source":"cna@vuldb.com"},{"url":"https://github.com/gpac/gpac/issues/3398","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-59152","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T16:16:37.413","lastModified":"2026-07-07T16:16:41.340","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to 0.8.18, an attacker who can send an HTTP request to a server running the LangSmith SDK's TracingMiddleware can cause that server to read an arbitrary file from its local filesystem and upload the contents to LangSmith as a trace attachment. Depending on how the distributed trace system is deployed, triggering a read may not require authentication. Retrieving the contents requires read access to the LangSmith workspace the traces are sent to. The net effect is a trust-boundary crossing: a party with workspace trace-read access (for example a low-privilege workspace member, a contractor, or a compromised teammate account) gains the ability to read files from any server running TracingMiddleware, a capability outside that workspace's intended trust boundary. This vulnerability is fixed in 0.8.18."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"langchain-ai","product":"langsmith-sdk","versions":[{"version":"< 0.8.18","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T15:17:33.429942Z","id":"CVE-2026-59152","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-346"},{"lang":"en","value":"CWE-843"}]}],"references":[{"url":"https://github.com/langchain-ai/langsmith-sdk/security/advisories/GHSA-f4xh-w4cj-qxq8","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-40138","sourceIdentifier":"13061848-ea10-403d-bd75-c83a022c2891","published":"2026-07-06T17:16:30.793","lastModified":"2026-07-07T16:16:38.780","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled"}],"affected":[{"source":"13061848-ea10-403d-bd75-c83a022c2891","affectedData":[{"vendor":"BeyondTrust","product":"Remote Support","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"25.3.2","versionType":"custom","status":"affected"}]},{"vendor":"BeyondTrust","product":"Privileged Remote Access","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"25.3.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"13061848-ea10-403d-bd75-c83a022c2891","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.2,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-40138","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"13061848-ea10-403d-bd75-c83a022c2891","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*","versionEndExcluding":"25.3.3","matchCriteriaId":"79807D69-2935-4EC4-B34F-3BBFCE1D6EC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:beyondtrust:remote_support:*:*:*:*:*:*:*:*","versionEndExcluding":"25.3.3","matchCriteriaId":"91823A93-2793-4FA6-AB9B-60E62102AE0E"}]}]}],"references":[{"url":"https://www.beyondtrust.com/trust-center/security-advisories/bt26-03","source":"13061848-ea10-403d-bd75-c83a022c2891","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12154","sourceIdentifier":"security@wordfence.com","published":"2026-07-06T18:16:36.670","lastModified":"2026-07-07T15:16:42.180","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Reviews Widgets for Google, Yelp & TripAdvisor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page_id' shortcode attribute of the [fbrev] shortcode in versions up to and including 2.7.3. This is due to insufficient input sanitization and output escaping in the Feed_Shortcode::fbrev() method, which passes the raw shortcode attribute through Feed_Old::get_feed() into the View::render() method, where it is echoed directly into the data-id HTML attribute without esc_attr(). This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"widgetpack","product":"Reviews Widgets for Google, TripAdvisor, Yelp & Recommendations","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:06:53.473541Z","id":"CVE-2026-12154","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/fb-reviews-widget/tags/2.7.3/includes/class-feed-old.php#L55","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/fb-reviews-widget/tags/2.7.3/includes/class-feed-shortcode.php#L57","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/fb-reviews-widget/tags/2.7.3/includes/class-view.php#L36","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3593292%40fb-reviews-widget&old=3451654%40fb-reviews-widget&sfp_email=&sfph_mail=","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/86fbc499-dca3-41da-a6ef-8e97d7e46d0e?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-14898","sourceIdentifier":"8f4f43ab-ba69-4d92-aa1d-d772184d6fb7","published":"2026-07-06T20:16:30.580","lastModified":"2026-07-07T16:16:37.877","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The OpenAI Codex desktop app for macOS rendered remote images from Markdown in model responses. An attacker who could place an indirect prompt injection in content processed by Codex, such as a connected-tool result or another untrusted source, could induce the model to construct a remote image URL containing sensitive data. The app automatically fetched that URL when rendering the response, sending the embedded data to an attacker-controlled server without a separate user click. Successful exploitation could exfiltrate secrets and other information accessible in the Codex session, including API keys, source code, and data returned by connected tools. No direct integrity or availability impact was demonstrated, and there is no known exploitation in the wild."}],"affected":[{"source":"8f4f43ab-ba69-4d92-aa1d-d772184d6fb7","affectedData":[{"vendor":"OpenAI","product":"Codex desktop app for macOS","versions":[{"version":"0","lessThan":"26.527.31326","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T15:35:10.010319Z","id":"CVE-2026-14898","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"8f4f43ab-ba69-4d92-aa1d-d772184d6fb7","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://openai.com/codex/","source":"8f4f43ab-ba69-4d92-aa1d-d772184d6fb7"}]}},{"cve":{"id":"CVE-2025-59615","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:52.077","lastModified":"2026-07-07T17:03:12.387","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon CCW","Snapdragon Compute","Snapdragon Consumer IOT","Snapdragon MC","Snapdragon Mobile"],"versions":[{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"Molokai","status":"affected"},{"version":"Orne","status":"affected"},{"version":"Pandeiro","status":"affected"},{"version":"QCM5430","status":"affected"},{"version":"QCM6490","status":"affected"},{"version":"QLN1083BD","status":"affected"},{"version":"QLN1086BD","status":"affected"},{"version":"QMP1000","status":"affected"},{"version":"QMP2001","status":"affected"},{"version":"QPA1083BD","status":"affected"},{"version":"QPA1086BD","status":"affected"},{"version":"Qualcomm Video Collaboration VC3 Platform","status":"affected"},{"version":"QXM1093","status":"affected"},{"version":"QXM1094","status":"affected"},{"version":"QXM1095","status":"affected"},{"version":"QXM1096","status":"affected"},{"version":"SC8380XP","status":"affected"},{"version":"SD865 5G","status":"affected"},{"version":"SM6850","status":"affected"},{"version":"SM8845P","status":"affected"},{"version":"Snapdragon 460 Mobile Platform","status":"affected"},{"version":"Snapdragon 662 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Elite Gen 5","status":"affected"},{"version":"Snapdragon AR1 Gen 1 Platform","status":"affected"},{"version":"Snapdragon XR2 5G Platform","status":"affected"},{"version":"Snapdragon XR2+ Gen 1 Platform","status":"affected"},{"version":"SXR2230P","status":"affected"},{"version":"SXR2250P","status":"affected"},{"version":"SXR2330P","status":"affected"},{"version":"SXR2350P","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9378","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WCD9395","status":"affected"},{"version":"WCN3950","status":"affected"},{"version":"WCN3988","status":"affected"},{"version":"WCN6450","status":"affected"},{"version":"WCN7760","status":"affected"},{"version":"WCN7860","status":"affected"},{"version":"WCN7861","status":"affected"},{"version":"WCN7880","status":"affected"},{"version":"WCN7881","status":"affected"},{"version":"WSA8810","status":"affected"},{"version":"WSA8815","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8832","status":"affected"},{"version":"WSA8835","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"WSA8850","status":"affected"},{"version":"WSA8850W","status":"affected"},{"version":"WSA8855C","status":"affected"},{"version":"XRV7209","status":"affected"},{"version":"XRV9209","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":0.8,"impactScore":5.3},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:22.792067Z","id":"CVE-2025-59615","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:molokai_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"27BCE022-2E7D-4F41-B8EF-6B2F906F75E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:molokai:-:*:*:*:*:*:*:*","matchCriteriaId":"4864D493-47A8-4389-9D9A-2ED5B995EF27"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:orne_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"19FB8345-BBFC-4E18-A4E6-64A159D7F65B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:orne:-:*:*:*:*:*:*:*","matchCriteriaId":"FFDA4056-3F1B-4F3A-BE59-1908BD3DE5E9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"23F8EF0C-BB48-47E1-A045-254D79388F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:pandeiro:-:*:*:*:*:*:*:*","matchCriteriaId":"058950FC-ED72-4E91-AE13-87E738ADC083"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*","matchCriteriaId":"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*","matchCriteriaId":"99AA0291-B822-4CAD-BA17-81B632FC3FEF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FD70F234-1EE7-4362-97F6-5AEDB7078D03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"C569A848-B70C-42EF-B6D5-4A86547586EE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F218DF06-C40A-4738-ABB5-A3FA2243EF84"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2A0CD0-66FA-45D6-BBC7-03641203EC73"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qmp1000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5298473D-8B34-42E6-BC32-69A3800972B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qmp1000:-:*:*:*:*:*:*:*","matchCriteriaId":"2A1CF44E-FFC2-4DCB-8DC2-46422D912448"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qmp2001_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0B53AF78-37B0-4D64-A7D3-1729D0248D61"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qmp2001:-:*:*:*:*:*:*:*","matchCriteriaId":"560E36D2-27DB-4590-A879-C2071ED72641"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B0208F7B-A959-485E-B004-A34CB7C7C4C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"FBDAC812-4603-4D24-A861-23825E32D44E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7F6DEF72-A8FF-4B67-AA6C-5CB4AA7B35E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"00EF6875-B088-40BD-A526-C962789CDC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DD4946C6-778F-4542-AB77-C9B86AF25C05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"6F1D604A-4530-42B3-80A0-58A82D658DDD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1093_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9A46B609-BD06-4BB7-B055-1F71C555E93D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1093:-:*:*:*:*:*:*:*","matchCriteriaId":"59598462-1E53-4F6D-BAB5-06ACEDF6CD9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1094_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8F30D66E-2802-4394-BC39-5E04711234FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1094:-:*:*:*:*:*:*:*","matchCriteriaId":"078EC383-784F-4468-B94C-AE7CC9808419"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1095_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B7B67C93-0453-4696-8F3D-0AD664922C44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1095:-:*:*:*:*:*:*:*","matchCriteriaId":"D61C46AA-9130-46A8-BD04-8B4235118B81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1096_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2D5E44-48F6-41E8-A38B-A2E070E16AA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1096:-:*:*:*:*:*:*:*","matchCriteriaId":"9BD0372F-5140-4966-9A27-6B5A606C0665"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"72433485-B229-46A6-BCA4-394AA4EEA683"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"04D40EC4-BF31-4BFD-8D0A-8193F541AF02"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm6850_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DE09FF94-7751-4EED-B269-C7BB056CA90C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm6850:-:*:*:*:*:*:*:*","matchCriteriaId":"02B1463D-EE74-42DC-95D5-D0F66260CB32"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8845p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A205320E-6C60-4F6A-90D5-06CABAF0FDEA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8845p:-:*:*:*:*:*:*:*","matchCriteriaId":"0FB8CE86-605E-4B3D-82E5-A55093ABCE5F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"5BB1FC5E-CF6F-4E54-B78D-C01AFD034903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"FE08D23A-2D0D-4472-8847-27B955F55165"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_elite_gen_5_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"41070BDB-15E4-4DD7-A132-A14AA24978E5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_elite_gen_5:-:*:*:*:*:*:*:*","matchCriteriaId":"102460A6-9637-4883-9230-2CC888D5D74E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"53E5BBDA-C07D-42E2-9A34-EC1F6454CAA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0BB2408F-C768-4DD2-B834-B62E188D6CC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A129620-8241-4A47-AAC8-CC7E10A09C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"4CEDD78E-124C-4216-9B57-3B7B53463659"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BF9740EB-F82E-42EA-993E-A393B05CC6BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"022A5532-03F7-4FB8-BA0D-4221178C9486"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD6444F6-A477-4B4C-8A09-C22C47CCE45B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E20681-4FC4-46E2-AF77-BCF03BC8E77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"68A93ED1-F509-439E-AE7B-F0EC87AE759F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2250p:-:*:*:*:*:*:*:*","matchCriteriaId":"FB5E2A98-EDD0-4298-911D-EC7527D5A424"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"568C5B08-AC42-48D3-8029-A65689EEBE75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2330p:-:*:*:*:*:*:*:*","matchCriteriaId":"56DD2B49-0A36-443C-BECB-4115E271A415"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2350p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA54D269-A94D-47CB-B3F1-7B163E453A67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2350p:-:*:*:*:*:*:*:*","matchCriteriaId":"F1D79422-1EA3-459A-8C4A-8A0FBE386036"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFDBB5B-0A4F-4032-874F-D2A7EF933FB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*","matchCriteriaId":"D28A12D6-CC60-4BE9-ADEE-FAB58B05440F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"699056F6-1517-4F25-AE07-4FFCF6923B9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*","matchCriteriaId":"E4C023D2-6FF5-4FFC-B9F2-895979166580"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*","matchCriteriaId":"120E8F0F-EBEB-4565-9927-2D473F783EF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4BFB25F-013B-48E3-99FF-3E8687F94423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*","matchCriteriaId":"BF676C5B-838B-446C-A689-6A25AB8A87E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FAFC9FA-E6EF-44C5-BD50-2824C7711541"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6450:-:*:*:*:*:*:*:*","matchCriteriaId":"6F895CDD-F9BB-45AD-AE60-71F4549114A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7760_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"506C6CE1-6BDF-4542-82C1-820D10D8181A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7760:-:*:*:*:*:*:*:*","matchCriteriaId":"72F8CE3B-2BDC-40B1-BB04-A3A7E25B8096"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2EB8794F-7998-424E-AF68-E4A4F9310F65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*","matchCriteriaId":"799D69CE-3FCC-4B19-8B00-9AF38111D983"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"57608D47-894C-4895-B4B3-4733D55D57DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*","matchCriteriaId":"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"63735D33-9F09-4841-9FE0-0D9AB604BECF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7880:-:*:*:*:*:*:*:*","matchCriteriaId":"E826F765-4C2E-4319-BBC4-DEB02AAD783F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D765C392-5F38-4E6A-9E88-59629E7A6911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*","matchCriteriaId":"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15307882-7039-43E9-9BA3-035045988B99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*","matchCriteriaId":"AA85B322-E593-4499-829A-CC6D70BAE884"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*","matchCriteriaId":"7E870D82-DE3B-4199-A730-C8FB545BAA98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7ACAD26E-B79E-4659-91A5-D301281F7D36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*","matchCriteriaId":"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8850_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FA243934-7BFA-47AA-B78C-CCB25377E471"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8850:-:*:*:*:*:*:*:*","matchCriteriaId":"2FD65035-4D20-48D5-874E-47CD9C7A985C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8850w_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"22707187-A56D-48AD-800F-A438FD844546"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8850w:-:*:*:*:*:*:*:*","matchCriteriaId":"F526A54A-F974-4D0A-A1A6-FABBB6711CD0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8855c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"671E0B82-5D58-4644-8806-7F4CAFFB6641"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8855c:-:*:*:*:*:*:*:*","matchCriteriaId":"CC066321-B3CC-4E88-BFA9-414B8D095207"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv7209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC6C6243-E092-4903-BC20-E3B0CECBC790"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv7209:-:*:*:*:*:*:*:*","matchCriteriaId":"AAA33761-D61C-4A81-B233-5E2D50F3596F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv9209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3D693483-72F9-42B1-8EDA-8DABD537F428"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv9209:-:*:*:*:*:*:*:*","matchCriteriaId":"43F4A7D9-055D-475B-BFE4-61A86C7397F8"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-59616","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:52.513","lastModified":"2026-07-07T17:00:24.487","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon CCW","Snapdragon Compute","Snapdragon Consumer IOT","Snapdragon MC","Snapdragon Mobile"],"versions":[{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"Molokai","status":"affected"},{"version":"Orne","status":"affected"},{"version":"Pandeiro","status":"affected"},{"version":"QCM5430","status":"affected"},{"version":"QCM6490","status":"affected"},{"version":"QMP1000","status":"affected"},{"version":"QMP2001","status":"affected"},{"version":"Qualcomm Video Collaboration VC3 Platform","status":"affected"},{"version":"SC8380XP","status":"affected"},{"version":"SD865 5G","status":"affected"},{"version":"SM6850","status":"affected"},{"version":"SM8845P","status":"affected"},{"version":"Snapdragon 460 Mobile Platform","status":"affected"},{"version":"Snapdragon 662 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Elite Gen 5","status":"affected"},{"version":"Snapdragon AR1 Gen 1 Platform","status":"affected"},{"version":"Snapdragon XR2 5G Platform","status":"affected"},{"version":"Snapdragon XR2+ Gen 1 Platform","status":"affected"},{"version":"SXR2230P","status":"affected"},{"version":"SXR2250P","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9378","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WCD9395","status":"affected"},{"version":"WCN3950","status":"affected"},{"version":"WCN3988","status":"affected"},{"version":"WCN6450","status":"affected"},{"version":"WCN7760","status":"affected"},{"version":"WCN7860","status":"affected"},{"version":"WCN7861","status":"affected"},{"version":"WCN7880","status":"affected"},{"version":"WCN7881","status":"affected"},{"version":"WSA8810","status":"affected"},{"version":"WSA8815","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8832","status":"affected"},{"version":"WSA8835","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"WSA8850","status":"affected"},{"version":"WSA8850W","status":"affected"},{"version":"WSA8855C","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":0.8,"impactScore":5.3},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:24.909314Z","id":"CVE-2025-59616","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:molokai_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"27BCE022-2E7D-4F41-B8EF-6B2F906F75E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:molokai:-:*:*:*:*:*:*:*","matchCriteriaId":"4864D493-47A8-4389-9D9A-2ED5B995EF27"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:orne_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"19FB8345-BBFC-4E18-A4E6-64A159D7F65B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:orne:-:*:*:*:*:*:*:*","matchCriteriaId":"FFDA4056-3F1B-4F3A-BE59-1908BD3DE5E9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"23F8EF0C-BB48-47E1-A045-254D79388F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:pandeiro:-:*:*:*:*:*:*:*","matchCriteriaId":"058950FC-ED72-4E91-AE13-87E738ADC083"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*","matchCriteriaId":"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*","matchCriteriaId":"99AA0291-B822-4CAD-BA17-81B632FC3FEF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qmp1000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5298473D-8B34-42E6-BC32-69A3800972B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qmp1000:-:*:*:*:*:*:*:*","matchCriteriaId":"2A1CF44E-FFC2-4DCB-8DC2-46422D912448"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qmp2001_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0B53AF78-37B0-4D64-A7D3-1729D0248D61"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qmp2001:-:*:*:*:*:*:*:*","matchCriteriaId":"560E36D2-27DB-4590-A879-C2071ED72641"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DD4946C6-778F-4542-AB77-C9B86AF25C05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"6F1D604A-4530-42B3-80A0-58A82D658DDD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"72433485-B229-46A6-BCA4-394AA4EEA683"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"04D40EC4-BF31-4BFD-8D0A-8193F541AF02"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm6850_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DE09FF94-7751-4EED-B269-C7BB056CA90C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm6850:-:*:*:*:*:*:*:*","matchCriteriaId":"02B1463D-EE74-42DC-95D5-D0F66260CB32"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8845p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A205320E-6C60-4F6A-90D5-06CABAF0FDEA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8845p:-:*:*:*:*:*:*:*","matchCriteriaId":"0FB8CE86-605E-4B3D-82E5-A55093ABCE5F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"5BB1FC5E-CF6F-4E54-B78D-C01AFD034903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"FE08D23A-2D0D-4472-8847-27B955F55165"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_elite_gen_5_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"41070BDB-15E4-4DD7-A132-A14AA24978E5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_elite_gen_5:-:*:*:*:*:*:*:*","matchCriteriaId":"102460A6-9637-4883-9230-2CC888D5D74E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"53E5BBDA-C07D-42E2-9A34-EC1F6454CAA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0BB2408F-C768-4DD2-B834-B62E188D6CC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A129620-8241-4A47-AAC8-CC7E10A09C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"4CEDD78E-124C-4216-9B57-3B7B53463659"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BF9740EB-F82E-42EA-993E-A393B05CC6BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"022A5532-03F7-4FB8-BA0D-4221178C9486"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD6444F6-A477-4B4C-8A09-C22C47CCE45B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E20681-4FC4-46E2-AF77-BCF03BC8E77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"68A93ED1-F509-439E-AE7B-F0EC87AE759F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2250p:-:*:*:*:*:*:*:*","matchCriteriaId":"FB5E2A98-EDD0-4298-911D-EC7527D5A424"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFDBB5B-0A4F-4032-874F-D2A7EF933FB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*","matchCriteriaId":"D28A12D6-CC60-4BE9-ADEE-FAB58B05440F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"699056F6-1517-4F25-AE07-4FFCF6923B9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*","matchCriteriaId":"E4C023D2-6FF5-4FFC-B9F2-895979166580"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*","matchCriteriaId":"120E8F0F-EBEB-4565-9927-2D473F783EF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4BFB25F-013B-48E3-99FF-3E8687F94423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*","matchCriteriaId":"BF676C5B-838B-446C-A689-6A25AB8A87E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FAFC9FA-E6EF-44C5-BD50-2824C7711541"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6450:-:*:*:*:*:*:*:*","matchCriteriaId":"6F895CDD-F9BB-45AD-AE60-71F4549114A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7760_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"506C6CE1-6BDF-4542-82C1-820D10D8181A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7760:-:*:*:*:*:*:*:*","matchCriteriaId":"72F8CE3B-2BDC-40B1-BB04-A3A7E25B8096"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2EB8794F-7998-424E-AF68-E4A4F9310F65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*","matchCriteriaId":"799D69CE-3FCC-4B19-8B00-9AF38111D983"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"57608D47-894C-4895-B4B3-4733D55D57DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*","matchCriteriaId":"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"63735D33-9F09-4841-9FE0-0D9AB604BECF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7880:-:*:*:*:*:*:*:*","matchCriteriaId":"E826F765-4C2E-4319-BBC4-DEB02AAD783F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D765C392-5F38-4E6A-9E88-59629E7A6911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*","matchCriteriaId":"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15307882-7039-43E9-9BA3-035045988B99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*","matchCriteriaId":"AA85B322-E593-4499-829A-CC6D70BAE884"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*","matchCriteriaId":"7E870D82-DE3B-4199-A730-C8FB545BAA98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7ACAD26E-B79E-4659-91A5-D301281F7D36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*","matchCriteriaId":"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8850_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FA243934-7BFA-47AA-B78C-CCB25377E471"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8850:-:*:*:*:*:*:*:*","matchCriteriaId":"2FD65035-4D20-48D5-874E-47CD9C7A985C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8850w_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"22707187-A56D-48AD-800F-A438FD844546"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8850w:-:*:*:*:*:*:*:*","matchCriteriaId":"F526A54A-F974-4D0A-A1A6-FABBB6711CD0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8855c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"671E0B82-5D58-4644-8806-7F4CAFFB6641"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8855c:-:*:*:*:*:*:*:*","matchCriteriaId":"CC066321-B3CC-4E88-BFA9-414B8D095207"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-59617","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:52.653","lastModified":"2026-07-07T16:59:44.367","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon CCW","Snapdragon Compute","Snapdragon Consumer IOT","Snapdragon MC","Snapdragon Mobile"],"versions":[{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"Molokai","status":"affected"},{"version":"Orne","status":"affected"},{"version":"Pandeiro","status":"affected"},{"version":"QCM5430","status":"affected"},{"version":"QCM6490","status":"affected"},{"version":"QMP1000","status":"affected"},{"version":"QMP2001","status":"affected"},{"version":"Qualcomm Video Collaboration VC3 Platform","status":"affected"},{"version":"SC8380XP","status":"affected"},{"version":"SD865 5G","status":"affected"},{"version":"SM6850","status":"affected"},{"version":"SM8845P","status":"affected"},{"version":"Snapdragon 460 Mobile Platform","status":"affected"},{"version":"Snapdragon 662 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Elite Gen 5","status":"affected"},{"version":"Snapdragon AR1 Gen 1 Platform","status":"affected"},{"version":"Snapdragon XR2 5G Platform","status":"affected"},{"version":"Snapdragon XR2+ Gen 1 Platform","status":"affected"},{"version":"SXR2230P","status":"affected"},{"version":"SXR2250P","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9378","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WCD9395","status":"affected"},{"version":"WCN3950","status":"affected"},{"version":"WCN3988","status":"affected"},{"version":"WCN6450","status":"affected"},{"version":"WCN7760","status":"affected"},{"version":"WCN7860","status":"affected"},{"version":"WCN7861","status":"affected"},{"version":"WCN7880","status":"affected"},{"version":"WCN7881","status":"affected"},{"version":"WSA8810","status":"affected"},{"version":"WSA8815","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8832","status":"affected"},{"version":"WSA8835","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"WSA8850","status":"affected"},{"version":"WSA8850W","status":"affected"},{"version":"WSA8855C","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":0.8,"impactScore":5.3},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:25.967370Z","id":"CVE-2025-59617","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:molokai_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"27BCE022-2E7D-4F41-B8EF-6B2F906F75E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:molokai:-:*:*:*:*:*:*:*","matchCriteriaId":"4864D493-47A8-4389-9D9A-2ED5B995EF27"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:orne_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"19FB8345-BBFC-4E18-A4E6-64A159D7F65B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:orne:-:*:*:*:*:*:*:*","matchCriteriaId":"FFDA4056-3F1B-4F3A-BE59-1908BD3DE5E9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"23F8EF0C-BB48-47E1-A045-254D79388F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:pandeiro:-:*:*:*:*:*:*:*","matchCriteriaId":"058950FC-ED72-4E91-AE13-87E738ADC083"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*","matchCriteriaId":"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*","matchCriteriaId":"99AA0291-B822-4CAD-BA17-81B632FC3FEF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qmp1000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5298473D-8B34-42E6-BC32-69A3800972B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qmp1000:-:*:*:*:*:*:*:*","matchCriteriaId":"2A1CF44E-FFC2-4DCB-8DC2-46422D912448"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qmp2001_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0B53AF78-37B0-4D64-A7D3-1729D0248D61"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qmp2001:-:*:*:*:*:*:*:*","matchCriteriaId":"560E36D2-27DB-4590-A879-C2071ED72641"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DD4946C6-778F-4542-AB77-C9B86AF25C05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"6F1D604A-4530-42B3-80A0-58A82D658DDD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"72433485-B229-46A6-BCA4-394AA4EEA683"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"04D40EC4-BF31-4BFD-8D0A-8193F541AF02"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm6850_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DE09FF94-7751-4EED-B269-C7BB056CA90C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm6850:-:*:*:*:*:*:*:*","matchCriteriaId":"02B1463D-EE74-42DC-95D5-D0F66260CB32"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8845p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A205320E-6C60-4F6A-90D5-06CABAF0FDEA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8845p:-:*:*:*:*:*:*:*","matchCriteriaId":"0FB8CE86-605E-4B3D-82E5-A55093ABCE5F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"5BB1FC5E-CF6F-4E54-B78D-C01AFD034903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"FE08D23A-2D0D-4472-8847-27B955F55165"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_elite_gen_5_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"41070BDB-15E4-4DD7-A132-A14AA24978E5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_elite_gen_5:-:*:*:*:*:*:*:*","matchCriteriaId":"102460A6-9637-4883-9230-2CC888D5D74E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"53E5BBDA-C07D-42E2-9A34-EC1F6454CAA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0BB2408F-C768-4DD2-B834-B62E188D6CC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A129620-8241-4A47-AAC8-CC7E10A09C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"4CEDD78E-124C-4216-9B57-3B7B53463659"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BF9740EB-F82E-42EA-993E-A393B05CC6BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"022A5532-03F7-4FB8-BA0D-4221178C9486"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD6444F6-A477-4B4C-8A09-C22C47CCE45B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E20681-4FC4-46E2-AF77-BCF03BC8E77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"68A93ED1-F509-439E-AE7B-F0EC87AE759F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2250p:-:*:*:*:*:*:*:*","matchCriteriaId":"FB5E2A98-EDD0-4298-911D-EC7527D5A424"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFDBB5B-0A4F-4032-874F-D2A7EF933FB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*","matchCriteriaId":"D28A12D6-CC60-4BE9-ADEE-FAB58B05440F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"699056F6-1517-4F25-AE07-4FFCF6923B9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*","matchCriteriaId":"E4C023D2-6FF5-4FFC-B9F2-895979166580"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*","matchCriteriaId":"120E8F0F-EBEB-4565-9927-2D473F783EF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4BFB25F-013B-48E3-99FF-3E8687F94423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*","matchCriteriaId":"BF676C5B-838B-446C-A689-6A25AB8A87E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FAFC9FA-E6EF-44C5-BD50-2824C7711541"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6450:-:*:*:*:*:*:*:*","matchCriteriaId":"6F895CDD-F9BB-45AD-AE60-71F4549114A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7760_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"506C6CE1-6BDF-4542-82C1-820D10D8181A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7760:-:*:*:*:*:*:*:*","matchCriteriaId":"72F8CE3B-2BDC-40B1-BB04-A3A7E25B8096"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2EB8794F-7998-424E-AF68-E4A4F9310F65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*","matchCriteriaId":"799D69CE-3FCC-4B19-8B00-9AF38111D983"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"57608D47-894C-4895-B4B3-4733D55D57DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*","matchCriteriaId":"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"63735D33-9F09-4841-9FE0-0D9AB604BECF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7880:-:*:*:*:*:*:*:*","matchCriteriaId":"E826F765-4C2E-4319-BBC4-DEB02AAD783F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D765C392-5F38-4E6A-9E88-59629E7A6911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*","matchCriteriaId":"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15307882-7039-43E9-9BA3-035045988B99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*","matchCriteriaId":"AA85B322-E593-4499-829A-CC6D70BAE884"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*","matchCriteriaId":"7E870D82-DE3B-4199-A730-C8FB545BAA98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7ACAD26E-B79E-4659-91A5-D301281F7D36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*","matchCriteriaId":"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8850_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FA243934-7BFA-47AA-B78C-CCB25377E471"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8850:-:*:*:*:*:*:*:*","matchCriteriaId":"2FD65035-4D20-48D5-874E-47CD9C7A985C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8850w_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"22707187-A56D-48AD-800F-A438FD844546"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8850w:-:*:*:*:*:*:*:*","matchCriteriaId":"F526A54A-F974-4D0A-A1A6-FABBB6711CD0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8855c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"671E0B82-5D58-4644-8806-7F4CAFFB6641"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8855c:-:*:*:*:*:*:*:*","matchCriteriaId":"CC066321-B3CC-4E88-BFA9-414B8D095207"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-14468","sourceIdentifier":"security@hashicorp.com","published":"2026-07-06T21:16:53.000","lastModified":"2026-07-07T15:16:42.847","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"HashiCorp Terraform Enterprise contained an issue in its version control system (VCS) ingestion of registry modules that did not correctly enforce the intended boundary on packaged module content. This may allow an authenticated user to include files from outside the intended repository content in a module and then download them, potentially exposing sensitive files readable by the ingestion process. This vulnerability, CVE-2026-14468, is fixed in Terraform Enterprise v2.0.4 and v1.2.4."}],"affected":[{"source":"security@hashicorp.com","affectedData":[{"vendor":"HashiCorp","product":"Terraform Enterprise","defaultStatus":"unaffected","platforms":["64 bit","32 bit","x86","ARM","MacOS","Windows","Linux"],"versions":[{"version":"1.0.0","lessThan":"2.0.4","versionType":"semver","status":"affected","changes":[{"at":"1.2.4","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@hashicorp.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:52:23.618304Z","id":"CVE-2026-14468","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@hashicorp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://discuss.hashicorp.com/t/hcsec-2026-17-terraform-enterprise-vulnerable-to-arbitrary-file-read/77549","source":"security@hashicorp.com"}]}},{"cve":{"id":"CVE-2026-14471","sourceIdentifier":"ff89ba41-3aa1-4d27-914a-91399e9639e5","published":"2026-07-06T21:16:53.123","lastModified":"2026-07-07T14:16:28.837","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements in the metrics-service retention policy management component in Amazon mcp-gateway-registry before 1.0.13 might allow an authenticated remote user to execute arbitrary SQL queries via a crafted table_name value that is interpolated into SQL statements in identifier position.\n\n\n\nTo remediate this issue, users should upgrade to version 1.0.13 or later."}],"affected":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","affectedData":[{"vendor":"AWS","product":"MCP Gateway & Registry","defaultStatus":"unaffected","versions":[{"version":"1.0.3","lessThanOrEqual":"1.0.12","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:44:46.382343Z","id":"CVE-2026-14471","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://aws.amazon.com/security/security-bulletins/2026-052-aws/","source":"ff89ba41-3aa1-4d27-914a-91399e9639e5"},{"url":"https://github.com/agentic-community/mcp-gateway-registry/releases/tag/v1.0.13","source":"ff89ba41-3aa1-4d27-914a-91399e9639e5"},{"url":"https://github.com/agentic-community/mcp-gateway-registry/security/advisories/GHSA-79qc-vqfr-xx5q","source":"ff89ba41-3aa1-4d27-914a-91399e9639e5"}]}},{"cve":{"id":"CVE-2026-21368","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:53.407","lastModified":"2026-07-07T16:50:09.200","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon Auto","Snapdragon Compute","Snapdragon Industrial IOT","Snapdragon Mobile"],"versions":[{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"G3x Gen 2","status":"affected"},{"version":"IQ9 Series Platform","status":"affected"},{"version":"LeMans_AU_LGIT","status":"affected"},{"version":"LeMansAU","status":"affected"},{"version":"Netrani","status":"affected"},{"version":"Pandeiro","status":"affected"},{"version":"QAM8255P","status":"affected"},{"version":"QAMSRV1H","status":"affected"},{"version":"QAMSRV1M","status":"affected"},{"version":"QCA6595","status":"affected"},{"version":"QCA6595AU","status":"affected"},{"version":"QCA6678AQ","status":"affected"},{"version":"QCA6698AQ","status":"affected"},{"version":"QCA6698AU","status":"affected"},{"version":"QCA6797AQ","status":"affected"},{"version":"QCM4490","status":"affected"},{"version":"QCM8838","status":"affected"},{"version":"QCS4490","status":"affected"},{"version":"QCS8550","status":"affected"},{"version":"QLN1083BD","status":"affected"},{"version":"QLN1086BD","status":"affected"},{"version":"QPA1083BD","status":"affected"},{"version":"QPA1086BD","status":"affected"},{"version":"QXM1093","status":"affected"},{"version":"QXM1094","status":"affected"},{"version":"QXM1095","status":"affected"},{"version":"QXM1096","status":"affected"},{"version":"SA7255P","status":"affected"},{"version":"SA7775P","status":"affected"},{"version":"SA8255P","status":"affected"},{"version":"SA8620P","status":"affected"},{"version":"SA8770P","status":"affected"},{"version":"SA9000P","status":"affected"},{"version":"SAR2130P","status":"affected"},{"version":"SC8380XP","status":"affected"},{"version":"SD 8 Gen1 5G","status":"affected"},{"version":"SD865 5G","status":"affected"},{"version":"SDR753","status":"affected"},{"version":"SM7435","status":"affected"},{"version":"SM7525","status":"affected"},{"version":"SM7550","status":"affected"},{"version":"SM7550P","status":"affected"},{"version":"SM8550P","status":"affected"},{"version":"Snapdragon 4 Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon 460 Mobile Platform","status":"affected"},{"version":"Snapdragon 6 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 6 Gen 3 Mobile Platform","status":"affected"},{"version":"Snapdragon 662 Mobile Platform","status":"affected"},{"version":"Snapdragon 7 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Elite","status":"affected"},{"version":"Snapdragon 8 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon 8+ Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon AR1 Gen 1 Platform","status":"affected"},{"version":"Snapdragon XR2 5G Platform","status":"affected"},{"version":"Snapdragon XR2+ Gen 1 Platform","status":"affected"},{"version":"SRV1H","status":"affected"},{"version":"SRV1M","status":"affected"},{"version":"SXR2230P","status":"affected"},{"version":"SXR2330P","status":"affected"},{"version":"SXR2350P","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9371","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9378","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WCD9390","status":"affected"},{"version":"WCD9395","status":"affected"},{"version":"WCN3950","status":"affected"},{"version":"WCN3988","status":"affected"},{"version":"WCN6450","status":"affected"},{"version":"WCN6650","status":"affected"},{"version":"WCN6755","status":"affected"},{"version":"WCN7860","status":"affected"},{"version":"WCN7861","status":"affected"},{"version":"WCN7881","status":"affected"},{"version":"WSA8810","status":"affected"},{"version":"WSA8815","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8832","status":"affected"},{"version":"WSA8835","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"X1E80100","status":"affected"},{"version":"XRV7209","status":"affected"},{"version":"XRV9209","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.1,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:28.131457Z","id":"CVE-2026-21368","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:g3x_gen_2_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C167BE19-999E-4538-A23E-01F9C287A6C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:g3x_gen_2:-:*:*:*:*:*:*:*","matchCriteriaId":"1026CB5F-E30A-42DE-8432-74412CC8BA00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:iq-9075_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"08431A88-C176-48BB-918C-DF3FEABE78D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:iq-9075:-:*:*:*:*:*:*:*","matchCriteriaId":"3C50A35E-023A-404D-BFBC-FFCD1F30E872"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C4CDD6A2-5A3C-4572-8CE1-2F102333BB79"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8550p:-:*:*:*:*:*:*:*","matchCriteriaId":"699E5D17-6144-4F0A-8D52-1E8C83990E52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_4_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"55AECCCF-0761-46B6-B669-E73096679AFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_4_gen_2_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"7DE87CA2-160A-43BF-AC18-DA788501B5B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"5BB1FC5E-CF6F-4E54-B78D-C01AFD034903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_6_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EBB3BC1B-2EBC-457C-AE91-6BD408EB7D5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_6_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0870CC30-07F8-4FFF-85B4-FBACE947CC14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_6_gen_3_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D69E4203-EA20-4D6F-BD1C-C8E550588F87"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_6_gen_3_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"C1225010-5A08-4D13-A3E2-4C57C4265605"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"FE08D23A-2D0D-4472-8847-27B955F55165"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_7_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"677D5A3F-2A0D-48F0-A1C5-B067BADFD11A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_7_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"CB79B015-A401-4FAD-8818-1475653C2B12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_elite_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3EA50192-07B0-4404-93D4-EC4F3B1918B7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_elite:-:*:*:*:*:*:*:*","matchCriteriaId":"26C7FC48-08CB-4E50-B8D3-8AF30549FDF8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EB8FA32F-4690-4C5B-8968-474DA32FD0A4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"59BD8BEA-725A-4158-84BE-4AFD476ED03D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"60F5899C-BA8D-4B6B-BC61-F77B1EB64739"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"D39AD7CE-A017-4D74-A348-9E4B08363799"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FEDF458-DEA7-42A1-A56D-E11250139545"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_2_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"D5693438-0F20-47BB-BA32-7175C3152368"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"53E5BBDA-C07D-42E2-9A34-EC1F6454CAA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0BB2408F-C768-4DD2-B834-B62E188D6CC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A129620-8241-4A47-AAC8-CC7E10A09C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"4CEDD78E-124C-4216-9B57-3B7B53463659"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BF9740EB-F82E-42EA-993E-A393B05CC6BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"022A5532-03F7-4FB8-BA0D-4221178C9486"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0CD199F5-DA68-4BEB-AA99-11572DA26B4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"8ACA2D4D-FC77-4C1A-8278-1C27B3EA3303"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4B29E7F-8BFE-466A-B357-63F8A2160C4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"6D55CC7D-2E65-4CA9-9892-B6FBCC087E6F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD6444F6-A477-4B4C-8A09-C22C47CCE45B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E20681-4FC4-46E2-AF77-BCF03BC8E77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"568C5B08-AC42-48D3-8029-A65689EEBE75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2330p:-:*:*:*:*:*:*:*","matchCriteriaId":"56DD2B49-0A36-443C-BECB-4115E271A415"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2350p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA54D269-A94D-47CB-B3F1-7B163E453A67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2350p:-:*:*:*:*:*:*:*","matchCriteriaId":"F1D79422-1EA3-459A-8C4A-8A0FBE386036"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2503805B-B2A6-4AEE-8AB1-2B8A040702BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*","matchCriteriaId":"D3AD370C-2ED0-43CF-83D9-50DC92A01CA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFDBB5B-0A4F-4032-874F-D2A7EF933FB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*","matchCriteriaId":"D28A12D6-CC60-4BE9-ADEE-FAB58B05440F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"896F1C04-9957-440F-BF01-C3772CC3B3DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*","matchCriteriaId":"A90555EB-47A7-4717-92D5-35B561825F06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"699056F6-1517-4F25-AE07-4FFCF6923B9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*","matchCriteriaId":"E4C023D2-6FF5-4FFC-B9F2-895979166580"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*","matchCriteriaId":"120E8F0F-EBEB-4565-9927-2D473F783EF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4BFB25F-013B-48E3-99FF-3E8687F94423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*","matchCriteriaId":"BF676C5B-838B-446C-A689-6A25AB8A87E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FAFC9FA-E6EF-44C5-BD50-2824C7711541"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6450:-:*:*:*:*:*:*:*","matchCriteriaId":"6F895CDD-F9BB-45AD-AE60-71F4549114A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"93398092-AF7C-4F04-874C-7E5B4CF7AB00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*","matchCriteriaId":"7D242084-5844-4E43-8D7F-D2F8E3521F0C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2BC386D9-3D2B-40FA-A2D9-199BB138F46A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*","matchCriteriaId":"133FFD9F-FA09-4801-939B-AD1D507BE5FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2EB8794F-7998-424E-AF68-E4A4F9310F65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*","matchCriteriaId":"799D69CE-3FCC-4B19-8B00-9AF38111D983"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"57608D47-894C-4895-B4B3-4733D55D57DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*","matchCriteriaId":"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D765C392-5F38-4E6A-9E88-59629E7A6911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*","matchCriteriaId":"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15307882-7039-43E9-9BA3-035045988B99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*","matchCriteriaId":"AA85B322-E593-4499-829A-CC6D70BAE884"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*","matchCriteriaId":"7E870D82-DE3B-4199-A730-C8FB545BAA98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7ACAD26E-B79E-4659-91A5-D301281F7D36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*","matchCriteriaId":"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemans_au_lgit_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5767FE95-737F-4C20-A5AB-EC641A68D906"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemans_au_lgit:-:*:*:*:*:*:*:*","matchCriteriaId":"33323A49-9267-421B-96E1-80C5FA709EBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemansau_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2DF0ED3F-C98B-458E-ADCC-C922402BB185"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemansau:-:*:*:*:*:*:*:*","matchCriteriaId":"102A4B5E-1739-4C31-A626-ABF6B02FEE29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:netrani_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9C52A53B-1182-47F3-9800-D8C58F954277"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:netrani:-:*:*:*:*:*:*:*","matchCriteriaId":"BEC1F084-78C8-4413-940A-47E9554CB6D0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"23F8EF0C-BB48-47E1-A045-254D79388F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:pandeiro:-:*:*:*:*:*:*:*","matchCriteriaId":"058950FC-ED72-4E91-AE13-87E738ADC083"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3723C7B1-A7E2-401F-8D6D-189350F6BCA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"B12B89EF-7B12-481E-BCBC-F12B9D16321A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F8673334-5E11-4E95-B33D-3029499F71DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"EC0B32F6-5EF0-4591-99D7-D0E9B09DEC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CE03AB2A-3ED9-4489-8E5B-4FCF8BAA8559"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"9E646738-6A87-4470-9640-6A5A1DF3AF78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"643EC76D-2836-48E6-81DA-78C4883C33CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*","matchCriteriaId":"477F6529-4CE1-44FC-B6EE-D24D44C71AE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"288F637F-22F8-47CF-B67F-C798A730A1BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*","matchCriteriaId":"D0996EA3-1C92-4933-BE34-9CF625E59FE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D001127D-8160-42F0-B8B9-2FAA2976B530"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*","matchCriteriaId":"C9EB615F-FD4C-450B-AB25-E936FD9816C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*","matchCriteriaId":"B3F7853D-09EE-476F-B48D-BB30AEB4A67D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6698au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3ACA09C0-84A5-493A-A9BD-EF95A8330D54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6698au:-:*:*:*:*:*:*:*","matchCriteriaId":"3A2397BD-431C-4730-92E3-17A5C2445A65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"797295C2-535C-46A9-A725-E1A5405F0436"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*","matchCriteriaId":"8BFC575E-594E-4711-94B1-2DC8D03B9AC4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DA506489-4338-44DF-8F92-12E60AF0048C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*","matchCriteriaId":"A8718C37-A82A-4A08-A887-3F22B37601A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm8838_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7C6535AE-8680-4AB9-ABF6-82DAE1795531"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm8838:-:*:*:*:*:*:*:*","matchCriteriaId":"9C3FEACB-1AE1-4BF2-9552-C31A32DCCA9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*","matchCriteriaId":"1197E229-1E27-4CA3-A386-B77FAE5DFE1A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*","matchCriteriaId":"5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FD70F234-1EE7-4362-97F6-5AEDB7078D03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"C569A848-B70C-42EF-B6D5-4A86547586EE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F218DF06-C40A-4738-ABB5-A3FA2243EF84"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2A0CD0-66FA-45D6-BBC7-03641203EC73"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B0208F7B-A959-485E-B004-A34CB7C7C4C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"FBDAC812-4603-4D24-A861-23825E32D44E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7F6DEF72-A8FF-4B67-AA6C-5CB4AA7B35E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"00EF6875-B088-40BD-A526-C962789CDC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1093_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9A46B609-BD06-4BB7-B055-1F71C555E93D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1093:-:*:*:*:*:*:*:*","matchCriteriaId":"59598462-1E53-4F6D-BAB5-06ACEDF6CD9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1094_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8F30D66E-2802-4394-BC39-5E04711234FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1094:-:*:*:*:*:*:*:*","matchCriteriaId":"078EC383-784F-4468-B94C-AE7CC9808419"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1095_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B7B67C93-0453-4696-8F3D-0AD664922C44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1095:-:*:*:*:*:*:*:*","matchCriteriaId":"D61C46AA-9130-46A8-BD04-8B4235118B81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1096_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2D5E44-48F6-41E8-A38B-A2E070E16AA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1096:-:*:*:*:*:*:*:*","matchCriteriaId":"9BD0372F-5140-4966-9A27-6B5A606C0665"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2B651F0A-34DA-400F-A376-B499BFDF8E86"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7255p:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFF093D-98C8-470F-8330-E5126E06343A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6C32CA38-5D48-4108-9858-FD66E20CAF2F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7775p:-:*:*:*:*:*:*:*","matchCriteriaId":"E1997F8B-17B8-4DE3-BCF7-726928720592"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EC6E268D-C4AF-4950-9223-39EA36D538A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6ACE6D64-A498-482F-8270-718F4884CFFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8620p:-:*:*:*:*:*:*:*","matchCriteriaId":"B6E016D6-1B83-4261-A27E-1F9873F81E14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"781CCC31-C08F-499B-BE73-6C7DB70437AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*","matchCriteriaId":"75AFAA21-0589-4C6A-9418-34EE8A61BBAD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A024AB04-B213-4018-A4C1-FA467C7BA775"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*","matchCriteriaId":"A2A8AB7C-5D34-4794-8C06-2193075B323F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sar2130p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95696696-D2AE-4358-AF5D-3ED14F969964"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sar2130p:-:*:*:*:*:*:*:*","matchCriteriaId":"1A6FC469-463F-4EC1-B4EF-010BDB9BAA05"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"76910884-45D9-4EA2-BA30-44A8C7CC1339"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"33D393A6-4586-4416-86EB-F9D86DC3DED8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"72433485-B229-46A6-BCA4-394AA4EEA683"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"04D40EC4-BF31-4BFD-8D0A-8193F541AF02"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sdr753_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A49B142B-E8DC-4A79-B969-2C2FBE2E009A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sdr753:-:*:*:*:*:*:*:*","matchCriteriaId":"8A1A6C7D-EAB0-4D8D-9A3E-DA066F4ACF7D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7435_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F7A95A9E-617A-4D3A-9A4E-0C0A29B3C8B5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7435:-:*:*:*:*:*:*:*","matchCriteriaId":"3559292E-B5A6-4F88-BC20-F6AA85F07C97"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7525_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2410FF59-E0C0-4920-9656-C398DB06DEAE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7525:-:*:*:*:*:*:*:*","matchCriteriaId":"7D2B800C-4DBC-4028-875D-667C87D75247"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7550_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EEA5CE41-0596-4D38-9891-D1DF711EA7E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7550:-:*:*:*:*:*:*:*","matchCriteriaId":"E1A901C6-FB73-4361-B391-4A4AF8C70029"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7550p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5C5D7E2C-0955-4B6E-96E4-CFA06D937492"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7550p:-:*:*:*:*:*:*:*","matchCriteriaId":"9D1D0F33-AD5A-4826-9A06-EAD2A8709974"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x1e80100_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"42F453E4-02CC-4E48-A25B-F1394069F524"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x1e80100:-:*:*:*:*:*:*:*","matchCriteriaId":"8A6671AE-3490-4D85-A20C-3DA26F7D7AEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv7209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC6C6243-E092-4903-BC20-E3B0CECBC790"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv7209:-:*:*:*:*:*:*:*","matchCriteriaId":"AAA33761-D61C-4A81-B233-5E2D50F3596F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv9209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3D693483-72F9-42B1-8EDA-8DABD537F428"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv9209:-:*:*:*:*:*:*:*","matchCriteriaId":"43F4A7D9-055D-475B-BFE4-61A86C7397F8"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-21369","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:53.553","lastModified":"2026-07-07T16:49:34.810","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon Auto","Snapdragon Compute","Snapdragon Consumer IOT","Snapdragon Industrial IOT","Snapdragon Mobile","Snapdragon Wearables"],"versions":[{"version":"FastConnect 6200","status":"affected"},{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"G1 Gen 1","status":"affected"},{"version":"G3x Gen 2","status":"affected"},{"version":"IQ9 Series Platform","status":"affected"},{"version":"Kalpeni","status":"affected"},{"version":"LeMans_AU_LGIT","status":"affected"},{"version":"LeMansAU","status":"affected"},{"version":"Pandeiro","status":"affected"},{"version":"QAM8255P","status":"affected"},{"version":"QAM8295P","status":"affected"},{"version":"QAMSRV1H","status":"affected"},{"version":"QAMSRV1M","status":"affected"},{"version":"QCA6574AU","status":"affected"},{"version":"QCA6595","status":"affected"},{"version":"QCA6688AQ","status":"affected"},{"version":"QCA6696","status":"affected"},{"version":"QCA6698AQ","status":"affected"},{"version":"QCA6797AQ","status":"affected"},{"version":"QCA8695AU","status":"affected"},{"version":"QCM2290","status":"affected"},{"version":"QCM4325","status":"affected"},{"version":"QCM4490","status":"affected"},{"version":"QCM5430","status":"affected"},{"version":"QCM6490","status":"affected"},{"version":"QCM8838","status":"affected"},{"version":"QCS2290","status":"affected"},{"version":"QCS4290","status":"affected"},{"version":"QCS4490","status":"affected"},{"version":"QLN1083BD","status":"affected"},{"version":"QLN1086BD","status":"affected"},{"version":"QPA1083BD","status":"affected"},{"version":"QPA1086BD","status":"affected"},{"version":"Qualcomm Video Collaboration VC3 Platform","status":"affected"},{"version":"QXM1093","status":"affected"},{"version":"QXM1094","status":"affected"},{"version":"QXM1095","status":"affected"},{"version":"QXM1096","status":"affected"},{"version":"SA6155P","status":"affected"},{"version":"SA7255P","status":"affected"},{"version":"SA7775P","status":"affected"},{"version":"SA8155P","status":"affected"},{"version":"SA8195P","status":"affected"},{"version":"SA8255P","status":"affected"},{"version":"SA8295P","status":"affected"},{"version":"SA8620P","status":"affected"},{"version":"SA8770P","status":"affected"},{"version":"SA9000P","status":"affected"},{"version":"SAR2130P","status":"affected"},{"version":"SC8380XP","status":"affected"},{"version":"SD662","status":"affected"},{"version":"SD865 5G","status":"affected"},{"version":"SDR753","status":"affected"},{"version":"SM6225P","status":"affected"},{"version":"SM7525","status":"affected"},{"version":"SM7550","status":"affected"},{"version":"SM7550P","status":"affected"},{"version":"SM8550P","status":"affected"},{"version":"Snapdragon 4 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 460 Mobile Platform","status":"affected"},{"version":"Snapdragon 480 5G Mobile Platform","status":"affected"},{"version":"Snapdragon 480+ 5G Mobile Platform","status":"affected"},{"version":"Snapdragon 662 Mobile Platform","status":"affected"},{"version":"Snapdragon 680 4G Mobile Platform","status":"affected"},{"version":"Snapdragon 685 4G Mobile Platform","status":"affected"},{"version":"Snapdragon 695 5G Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Elite","status":"affected"},{"version":"Snapdragon 8 Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon 8+ Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon AR1 Gen 1 Platform","status":"affected"},{"version":"Snapdragon XR2 5G Platform","status":"affected"},{"version":"Snapdragon XR2+ Gen 1 Platform","status":"affected"},{"version":"Snapdragon Wear Elite platform","status":"affected"},{"version":"SRV1H","status":"affected"},{"version":"SRV1M","status":"affected"},{"version":"SXR2230P","status":"affected"},{"version":"SXR2330P","status":"affected"},{"version":"SXR2350P","status":"affected"},{"version":"Themisto","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9371","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9378","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WCD9390","status":"affected"},{"version":"WCD9395","status":"affected"},{"version":"WCN3910","status":"affected"},{"version":"WCN3950","status":"affected"},{"version":"WCN3988","status":"affected"},{"version":"WCN6450","status":"affected"},{"version":"WCN6650","status":"affected"},{"version":"WCN6755","status":"affected"},{"version":"WCN7860","status":"affected"},{"version":"WCN7861","status":"affected"},{"version":"WCN7881","status":"affected"},{"version":"WSA8810","status":"affected"},{"version":"WSA8815","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8832","status":"affected"},{"version":"WSA8835","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"X1E80100","status":"affected"},{"version":"XRV7209","status":"affected"},{"version":"XRV9209","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.1,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:29.211167Z","id":"CVE-2026-21369","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CDE1CBDE-3D28-463C-B215-AA7DF373EF09"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*","matchCriteriaId":"66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:g1_gen_1_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0556CCE6-B61B-4DE7-AD4B-333414280DF8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:g1_gen_1:-:*:*:*:*:*:*:*","matchCriteriaId":"CC734495-D935-40CC-9644-477E921F3EE0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"896F1C04-9957-440F-BF01-C3772CC3B3DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*","matchCriteriaId":"A90555EB-47A7-4717-92D5-35B561825F06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"699056F6-1517-4F25-AE07-4FFCF6923B9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*","matchCriteriaId":"E4C023D2-6FF5-4FFC-B9F2-895979166580"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3910_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9F0D7B24-D567-479A-B4F1-595FAA053418"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3910:-:*:*:*:*:*:*:*","matchCriteriaId":"33A8FAA1-F824-4561-9CCC-7F0DF12F740F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*","matchCriteriaId":"120E8F0F-EBEB-4565-9927-2D473F783EF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4BFB25F-013B-48E3-99FF-3E8687F94423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*","matchCriteriaId":"BF676C5B-838B-446C-A689-6A25AB8A87E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FAFC9FA-E6EF-44C5-BD50-2824C7711541"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6450:-:*:*:*:*:*:*:*","matchCriteriaId":"6F895CDD-F9BB-45AD-AE60-71F4549114A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"93398092-AF7C-4F04-874C-7E5B4CF7AB00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*","matchCriteriaId":"7D242084-5844-4E43-8D7F-D2F8E3521F0C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2BC386D9-3D2B-40FA-A2D9-199BB138F46A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*","matchCriteriaId":"133FFD9F-FA09-4801-939B-AD1D507BE5FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2EB8794F-7998-424E-AF68-E4A4F9310F65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*","matchCriteriaId":"799D69CE-3FCC-4B19-8B00-9AF38111D983"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"57608D47-894C-4895-B4B3-4733D55D57DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*","matchCriteriaId":"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D765C392-5F38-4E6A-9E88-59629E7A6911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*","matchCriteriaId":"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15307882-7039-43E9-9BA3-035045988B99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*","matchCriteriaId":"AA85B322-E593-4499-829A-CC6D70BAE884"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*","matchCriteriaId":"7E870D82-DE3B-4199-A730-C8FB545BAA98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7ACAD26E-B79E-4659-91A5-D301281F7D36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*","matchCriteriaId":"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x1e80100_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"42F453E4-02CC-4E48-A25B-F1394069F524"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x1e80100:-:*:*:*:*:*:*:*","matchCriteriaId":"8A6671AE-3490-4D85-A20C-3DA26F7D7AEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv7209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC6C6243-E092-4903-BC20-E3B0CECBC790"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv7209:-:*:*:*:*:*:*:*","matchCriteriaId":"AAA33761-D61C-4A81-B233-5E2D50F3596F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv9209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3D693483-72F9-42B1-8EDA-8DABD537F428"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv9209:-:*:*:*:*:*:*:*","matchCriteriaId":"43F4A7D9-055D-475B-BFE4-61A86C7397F8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:g3x_gen_2_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C167BE19-999E-4538-A23E-01F9C287A6C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:g3x_gen_2:-:*:*:*:*:*:*:*","matchCriteriaId":"1026CB5F-E30A-42DE-8432-74412CC8BA00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:iq-9075_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"08431A88-C176-48BB-918C-DF3FEABE78D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:iq-9075:-:*:*:*:*:*:*:*","matchCriteriaId":"3C50A35E-023A-404D-BFBC-FFCD1F30E872"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:kalpeni_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5A2D4C45-005F-4A02-BFD7-84893FF1A0E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:kalpeni:-:*:*:*:*:*:*:*","matchCriteriaId":"B3178A79-485F-40DB-A71D-B29BD3875A7D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemans_au_lgit_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5767FE95-737F-4C20-A5AB-EC641A68D906"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemans_au_lgit:-:*:*:*:*:*:*:*","matchCriteriaId":"33323A49-9267-421B-96E1-80C5FA709EBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemansau_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2DF0ED3F-C98B-458E-ADCC-C922402BB185"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemansau:-:*:*:*:*:*:*:*","matchCriteriaId":"102A4B5E-1739-4C31-A626-ABF6B02FEE29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"23F8EF0C-BB48-47E1-A045-254D79388F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:pandeiro:-:*:*:*:*:*:*:*","matchCriteriaId":"058950FC-ED72-4E91-AE13-87E738ADC083"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3723C7B1-A7E2-401F-8D6D-189350F6BCA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"B12B89EF-7B12-481E-BCBC-F12B9D16321A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C2D9E281-B382-41AC-84CB-5B1063E5AC51"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*","matchCriteriaId":"44EBEBD5-98C3-493B-A108-FD4DE6FFBE97"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F8673334-5E11-4E95-B33D-3029499F71DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"EC0B32F6-5EF0-4591-99D7-D0E9B09DEC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CE03AB2A-3ED9-4489-8E5B-4FCF8BAA8559"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"9E646738-6A87-4470-9640-6A5A1DF3AF78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D527E2B1-2A46-4FBA-9F7A-F5543677C8FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*","matchCriteriaId":"8374DDB3-D484-4141-AE0C-42333D2721F6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"643EC76D-2836-48E6-81DA-78C4883C33CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*","matchCriteriaId":"477F6529-4CE1-44FC-B6EE-D24D44C71AE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6688aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AFBD264F-F24A-4CDD-B316-9514A61B91E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6688aq:-:*:*:*:*:*:*:*","matchCriteriaId":"94CC5BC4-011D-4D2B-8891-97FBF61FD783"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0AE207DB-9770-40ED-961D-FDA75965826F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*","matchCriteriaId":"0E23922D-C37F-476F-A623-4C1458A9156F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*","matchCriteriaId":"B3F7853D-09EE-476F-B48D-BB30AEB4A67D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"797295C2-535C-46A9-A725-E1A5405F0436"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*","matchCriteriaId":"8BFC575E-594E-4711-94B1-2DC8D03B9AC4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8695au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"55A21DB0-4722-4421-8E97-B0E31B93E53B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8695au:-:*:*:*:*:*:*:*","matchCriteriaId":"797B8944-61F0-4522-97FE-3C172369F477"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5AB1F0FA-25F3-4304-A3BC-5264E55CC092"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*","matchCriteriaId":"214A053F-D80C-4AD9-B4F1-83384095A3F3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F2D8044B-D4E5-4174-A0FB-478F8434EE8F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*","matchCriteriaId":"163FE96E-DF5B-4B67-8EDE-44A5B9A8492D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DA506489-4338-44DF-8F92-12E60AF0048C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*","matchCriteriaId":"A8718C37-A82A-4A08-A887-3F22B37601A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*","matchCriteriaId":"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*","matchCriteriaId":"99AA0291-B822-4CAD-BA17-81B632FC3FEF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm8838_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7C6535AE-8680-4AB9-ABF6-82DAE1795531"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm8838:-:*:*:*:*:*:*:*","matchCriteriaId":"9C3FEACB-1AE1-4BF2-9552-C31A32DCCA9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"93CDB7BC-89F2-4482-B8E3-9DDBD918C851"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs2290:-:*:*:*:*:*:*:*","matchCriteriaId":"76E03AE9-2485-449B-BCFD-3E452BB01FC6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"06789CB9-E6FA-400D-90B6-C2DB6C8EF153"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB9F22-57F2-4327-95B9-B2342A02E45E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*","matchCriteriaId":"1197E229-1E27-4CA3-A386-B77FAE5DFE1A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FD70F234-1EE7-4362-97F6-5AEDB7078D03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"C569A848-B70C-42EF-B6D5-4A86547586EE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F218DF06-C40A-4738-ABB5-A3FA2243EF84"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2A0CD0-66FA-45D6-BBC7-03641203EC73"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B0208F7B-A959-485E-B004-A34CB7C7C4C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"FBDAC812-4603-4D24-A861-23825E32D44E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7F6DEF72-A8FF-4B67-AA6C-5CB4AA7B35E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"00EF6875-B088-40BD-A526-C962789CDC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DD4946C6-778F-4542-AB77-C9B86AF25C05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"6F1D604A-4530-42B3-80A0-58A82D658DDD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1093_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9A46B609-BD06-4BB7-B055-1F71C555E93D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1093:-:*:*:*:*:*:*:*","matchCriteriaId":"59598462-1E53-4F6D-BAB5-06ACEDF6CD9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1094_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8F30D66E-2802-4394-BC39-5E04711234FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1094:-:*:*:*:*:*:*:*","matchCriteriaId":"078EC383-784F-4468-B94C-AE7CC9808419"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1095_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B7B67C93-0453-4696-8F3D-0AD664922C44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1095:-:*:*:*:*:*:*:*","matchCriteriaId":"D61C46AA-9130-46A8-BD04-8B4235118B81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1096_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2D5E44-48F6-41E8-A38B-A2E070E16AA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1096:-:*:*:*:*:*:*:*","matchCriteriaId":"9BD0372F-5140-4966-9A27-6B5A606C0665"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*","matchCriteriaId":"0514D433-162C-4680-8912-721D19BE6201"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2B651F0A-34DA-400F-A376-B499BFDF8E86"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7255p:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFF093D-98C8-470F-8330-E5126E06343A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6C32CA38-5D48-4108-9858-FD66E20CAF2F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7775p:-:*:*:*:*:*:*:*","matchCriteriaId":"E1997F8B-17B8-4DE3-BCF7-726928720592"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C8648B38-2597-401A-8F53-D582FA911569"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*","matchCriteriaId":"A01CD59B-8F21-4CD6-8A1A-7B37547A8715"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"51BC0A66-493B-43BE-B51F-640BDF2FF32E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*","matchCriteriaId":"D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EC6E268D-C4AF-4950-9223-39EA36D538A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2A19659B-A0C3-44B7-8D54-BA21729873A4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*","matchCriteriaId":"F978041A-CE28-4BDF-A7DB-F0360F1A5F14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6ACE6D64-A498-482F-8270-718F4884CFFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8620p:-:*:*:*:*:*:*:*","matchCriteriaId":"B6E016D6-1B83-4261-A27E-1F9873F81E14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"781CCC31-C08F-499B-BE73-6C7DB70437AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*","matchCriteriaId":"75AFAA21-0589-4C6A-9418-34EE8A61BBAD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A024AB04-B213-4018-A4C1-FA467C7BA775"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*","matchCriteriaId":"A2A8AB7C-5D34-4794-8C06-2193075B323F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sar2130p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95696696-D2AE-4358-AF5D-3ED14F969964"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sar2130p:-:*:*:*:*:*:*:*","matchCriteriaId":"1A6FC469-463F-4EC1-B4EF-010BDB9BAA05"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C7BE7001-5539-4C5E-A064-6E62023803AE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*","matchCriteriaId":"06661DAC-5D22-433E-B5EC-486931E265B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"72433485-B229-46A6-BCA4-394AA4EEA683"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"04D40EC4-BF31-4BFD-8D0A-8193F541AF02"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sdr753_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A49B142B-E8DC-4A79-B969-2C2FBE2E009A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sdr753:-:*:*:*:*:*:*:*","matchCriteriaId":"8A1A6C7D-EAB0-4D8D-9A3E-DA066F4ACF7D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm6225p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8D2B7D93-4218-4FFF-B1C0-F50EC0B2B934"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm6225p:-:*:*:*:*:*:*:*","matchCriteriaId":"00D9DCE1-B3CD-4F45-97DD-637AA27572DD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7525_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2410FF59-E0C0-4920-9656-C398DB06DEAE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7525:-:*:*:*:*:*:*:*","matchCriteriaId":"7D2B800C-4DBC-4028-875D-667C87D75247"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7550_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EEA5CE41-0596-4D38-9891-D1DF711EA7E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7550:-:*:*:*:*:*:*:*","matchCriteriaId":"E1A901C6-FB73-4361-B391-4A4AF8C70029"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7550p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5C5D7E2C-0955-4B6E-96E4-CFA06D937492"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7550p:-:*:*:*:*:*:*:*","matchCriteriaId":"9D1D0F33-AD5A-4826-9A06-EAD2A8709974"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C4CDD6A2-5A3C-4572-8CE1-2F102333BB79"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8550p:-:*:*:*:*:*:*:*","matchCriteriaId":"699E5D17-6144-4F0A-8D52-1E8C83990E52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_4_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2CCBF666-CB4E-44E1-9676-6891EDC73578"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_4_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"C767AB6A-1A8C-406C-A600-96A816F44E2F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"5BB1FC5E-CF6F-4E54-B78D-C01AFD034903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_480_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA3F11F3-C9F4-460D-BD77-1BFBCC1F0592"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_480_5g_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"25673A10-D99C-4F67-BDA7-9C2E4A70EF9C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_480\\+_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"50906EF2-01F7-4E97-9F49-F892DF41CB29"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_480\\+_5g_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"B23A89FF-9C94-40C6-B9B7-3E8354777916"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"FE08D23A-2D0D-4472-8847-27B955F55165"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_680_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8D0ED00F-1345-43AD-83C6-E979890B84AB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_680_4g_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"92C28019-B57D-4487-B551-F7B53395C6E5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_685_4g_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C174F07D-0E33-43FD-9BAD-6C6D8B51B6A6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_685_4g_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"47311B68-A07F-448B-99D5-9C92C8127A81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_695_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A9A2DA11-5E4E-4E36-923C-A2D3CC2F2751"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_695_5g_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"BE7DFAD4-1D21-4A3A-9E8C-10F00AD7C403"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_elite_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3EA50192-07B0-4404-93D4-EC4F3B1918B7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_elite:-:*:*:*:*:*:*:*","matchCriteriaId":"26C7FC48-08CB-4E50-B8D3-8AF30549FDF8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"60F5899C-BA8D-4B6B-BC61-F77B1EB64739"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"D39AD7CE-A017-4D74-A348-9E4B08363799"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FEDF458-DEA7-42A1-A56D-E11250139545"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_2_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"D5693438-0F20-47BB-BA32-7175C3152368"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"53E5BBDA-C07D-42E2-9A34-EC1F6454CAA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0BB2408F-C768-4DD2-B834-B62E188D6CC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A129620-8241-4A47-AAC8-CC7E10A09C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"4CEDD78E-124C-4216-9B57-3B7B53463659"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BF9740EB-F82E-42EA-993E-A393B05CC6BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"022A5532-03F7-4FB8-BA0D-4221178C9486"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_wear_elite_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"21C295D3-AC5D-4DFC-A0B1-3B5F7C08DC46"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_wear_elite_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"A32D44E3-02FC-47AA-B6FF-E87F5866E453"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0CD199F5-DA68-4BEB-AA99-11572DA26B4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"8ACA2D4D-FC77-4C1A-8278-1C27B3EA3303"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4B29E7F-8BFE-466A-B357-63F8A2160C4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"6D55CC7D-2E65-4CA9-9892-B6FBCC087E6F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD6444F6-A477-4B4C-8A09-C22C47CCE45B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E20681-4FC4-46E2-AF77-BCF03BC8E77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"568C5B08-AC42-48D3-8029-A65689EEBE75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2330p:-:*:*:*:*:*:*:*","matchCriteriaId":"56DD2B49-0A36-443C-BECB-4115E271A415"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2350p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA54D269-A94D-47CB-B3F1-7B163E453A67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2350p:-:*:*:*:*:*:*:*","matchCriteriaId":"F1D79422-1EA3-459A-8C4A-8A0FBE386036"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:themisto_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"55DE7B27-56A2-4046-9E03-8215587C8827"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:themisto:-:*:*:*:*:*:*:*","matchCriteriaId":"0853EA22-4EFD-4037-8B83-CB7C18417D23"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2503805B-B2A6-4AEE-8AB1-2B8A040702BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*","matchCriteriaId":"D3AD370C-2ED0-43CF-83D9-50DC92A01CA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFDBB5B-0A4F-4032-874F-D2A7EF933FB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*","matchCriteriaId":"D28A12D6-CC60-4BE9-ADEE-FAB58B05440F"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-21370","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:53.707","lastModified":"2026-07-07T16:47:47.907","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon Auto","Snapdragon Compute","Snapdragon Industrial IOT","Snapdragon Mobile"],"versions":[{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"G3x Gen 2","status":"affected"},{"version":"IQ9 Series Platform","status":"affected"},{"version":"LeMans_AU_LGIT","status":"affected"},{"version":"LeMansAU","status":"affected"},{"version":"Netrani","status":"affected"},{"version":"Pandeiro","status":"affected"},{"version":"QAM8255P","status":"affected"},{"version":"QAMSRV1H","status":"affected"},{"version":"QAMSRV1M","status":"affected"},{"version":"QCA6595","status":"affected"},{"version":"QCA6595AU","status":"affected"},{"version":"QCA6678AQ","status":"affected"},{"version":"QCA6698AQ","status":"affected"},{"version":"QCA6698AU","status":"affected"},{"version":"QCA6797AQ","status":"affected"},{"version":"QCM4490","status":"affected"},{"version":"QCM8838","status":"affected"},{"version":"QCS4490","status":"affected"},{"version":"QCS8550","status":"affected"},{"version":"QLN1083BD","status":"affected"},{"version":"QLN1086BD","status":"affected"},{"version":"QPA1083BD","status":"affected"},{"version":"QPA1086BD","status":"affected"},{"version":"QXM1093","status":"affected"},{"version":"QXM1094","status":"affected"},{"version":"QXM1095","status":"affected"},{"version":"QXM1096","status":"affected"},{"version":"SA7255P","status":"affected"},{"version":"SA7775P","status":"affected"},{"version":"SA8255P","status":"affected"},{"version":"SA8620P","status":"affected"},{"version":"SA8770P","status":"affected"},{"version":"SA9000P","status":"affected"},{"version":"SAR2130P","status":"affected"},{"version":"SC8380XP","status":"affected"},{"version":"SD 8 Gen1 5G","status":"affected"},{"version":"SD865 5G","status":"affected"},{"version":"SDR753","status":"affected"},{"version":"SM7435","status":"affected"},{"version":"SM7525","status":"affected"},{"version":"SM7550","status":"affected"},{"version":"SM7550P","status":"affected"},{"version":"SM8550P","status":"affected"},{"version":"Snapdragon 4 Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon 460 Mobile Platform","status":"affected"},{"version":"Snapdragon 6 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 6 Gen 3 Mobile Platform","status":"affected"},{"version":"Snapdragon 662 Mobile Platform","status":"affected"},{"version":"Snapdragon 7 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Elite","status":"affected"},{"version":"Snapdragon 8 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon 8+ Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon AR1 Gen 1 Platform","status":"affected"},{"version":"Snapdragon XR2 5G Platform","status":"affected"},{"version":"Snapdragon XR2+ Gen 1 Platform","status":"affected"},{"version":"SRV1H","status":"affected"},{"version":"SRV1M","status":"affected"},{"version":"SXR2230P","status":"affected"},{"version":"SXR2330P","status":"affected"},{"version":"SXR2350P","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9371","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9378","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WCD9390","status":"affected"},{"version":"WCD9395","status":"affected"},{"version":"WCN3950","status":"affected"},{"version":"WCN3988","status":"affected"},{"version":"WCN6450","status":"affected"},{"version":"WCN6650","status":"affected"},{"version":"WCN6755","status":"affected"},{"version":"WCN7860","status":"affected"},{"version":"WCN7861","status":"affected"},{"version":"WCN7881","status":"affected"},{"version":"WSA8810","status":"affected"},{"version":"WSA8815","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8832","status":"affected"},{"version":"WSA8835","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"X1E80100","status":"affected"},{"version":"XRV7209","status":"affected"},{"version":"XRV9209","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.1,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:30.364147Z","id":"CVE-2026-21370","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:g3x_gen_2_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C167BE19-999E-4538-A23E-01F9C287A6C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:g3x_gen_2:-:*:*:*:*:*:*:*","matchCriteriaId":"1026CB5F-E30A-42DE-8432-74412CC8BA00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:iq-9075_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"08431A88-C176-48BB-918C-DF3FEABE78D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:iq-9075:-:*:*:*:*:*:*:*","matchCriteriaId":"3C50A35E-023A-404D-BFBC-FFCD1F30E872"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemans_au_lgit_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5767FE95-737F-4C20-A5AB-EC641A68D906"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemans_au_lgit:-:*:*:*:*:*:*:*","matchCriteriaId":"33323A49-9267-421B-96E1-80C5FA709EBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemansau_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2DF0ED3F-C98B-458E-ADCC-C922402BB185"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemansau:-:*:*:*:*:*:*:*","matchCriteriaId":"102A4B5E-1739-4C31-A626-ABF6B02FEE29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:netrani_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9C52A53B-1182-47F3-9800-D8C58F954277"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:netrani:-:*:*:*:*:*:*:*","matchCriteriaId":"BEC1F084-78C8-4413-940A-47E9554CB6D0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"23F8EF0C-BB48-47E1-A045-254D79388F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:pandeiro:-:*:*:*:*:*:*:*","matchCriteriaId":"058950FC-ED72-4E91-AE13-87E738ADC083"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3723C7B1-A7E2-401F-8D6D-189350F6BCA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"B12B89EF-7B12-481E-BCBC-F12B9D16321A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F8673334-5E11-4E95-B33D-3029499F71DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"EC0B32F6-5EF0-4591-99D7-D0E9B09DEC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CE03AB2A-3ED9-4489-8E5B-4FCF8BAA8559"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"9E646738-6A87-4470-9640-6A5A1DF3AF78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"643EC76D-2836-48E6-81DA-78C4883C33CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*","matchCriteriaId":"477F6529-4CE1-44FC-B6EE-D24D44C71AE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"288F637F-22F8-47CF-B67F-C798A730A1BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*","matchCriteriaId":"D0996EA3-1C92-4933-BE34-9CF625E59FE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D001127D-8160-42F0-B8B9-2FAA2976B530"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*","matchCriteriaId":"C9EB615F-FD4C-450B-AB25-E936FD9816C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*","matchCriteriaId":"B3F7853D-09EE-476F-B48D-BB30AEB4A67D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6698au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3ACA09C0-84A5-493A-A9BD-EF95A8330D54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6698au:-:*:*:*:*:*:*:*","matchCriteriaId":"3A2397BD-431C-4730-92E3-17A5C2445A65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"797295C2-535C-46A9-A725-E1A5405F0436"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*","matchCriteriaId":"8BFC575E-594E-4711-94B1-2DC8D03B9AC4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DA506489-4338-44DF-8F92-12E60AF0048C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*","matchCriteriaId":"A8718C37-A82A-4A08-A887-3F22B37601A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm8838_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7C6535AE-8680-4AB9-ABF6-82DAE1795531"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm8838:-:*:*:*:*:*:*:*","matchCriteriaId":"9C3FEACB-1AE1-4BF2-9552-C31A32DCCA9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*","matchCriteriaId":"1197E229-1E27-4CA3-A386-B77FAE5DFE1A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*","matchCriteriaId":"5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FD70F234-1EE7-4362-97F6-5AEDB7078D03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"C569A848-B70C-42EF-B6D5-4A86547586EE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F218DF06-C40A-4738-ABB5-A3FA2243EF84"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2A0CD0-66FA-45D6-BBC7-03641203EC73"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B0208F7B-A959-485E-B004-A34CB7C7C4C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"FBDAC812-4603-4D24-A861-23825E32D44E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7F6DEF72-A8FF-4B67-AA6C-5CB4AA7B35E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"00EF6875-B088-40BD-A526-C962789CDC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1093_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9A46B609-BD06-4BB7-B055-1F71C555E93D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1093:-:*:*:*:*:*:*:*","matchCriteriaId":"59598462-1E53-4F6D-BAB5-06ACEDF6CD9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1094_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8F30D66E-2802-4394-BC39-5E04711234FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1094:-:*:*:*:*:*:*:*","matchCriteriaId":"078EC383-784F-4468-B94C-AE7CC9808419"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1095_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B7B67C93-0453-4696-8F3D-0AD664922C44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1095:-:*:*:*:*:*:*:*","matchCriteriaId":"D61C46AA-9130-46A8-BD04-8B4235118B81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1096_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2D5E44-48F6-41E8-A38B-A2E070E16AA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1096:-:*:*:*:*:*:*:*","matchCriteriaId":"9BD0372F-5140-4966-9A27-6B5A606C0665"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2B651F0A-34DA-400F-A376-B499BFDF8E86"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7255p:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFF093D-98C8-470F-8330-E5126E06343A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6C32CA38-5D48-4108-9858-FD66E20CAF2F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7775p:-:*:*:*:*:*:*:*","matchCriteriaId":"E1997F8B-17B8-4DE3-BCF7-726928720592"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EC6E268D-C4AF-4950-9223-39EA36D538A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6ACE6D64-A498-482F-8270-718F4884CFFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8620p:-:*:*:*:*:*:*:*","matchCriteriaId":"B6E016D6-1B83-4261-A27E-1F9873F81E14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"781CCC31-C08F-499B-BE73-6C7DB70437AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*","matchCriteriaId":"75AFAA21-0589-4C6A-9418-34EE8A61BBAD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A024AB04-B213-4018-A4C1-FA467C7BA775"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*","matchCriteriaId":"A2A8AB7C-5D34-4794-8C06-2193075B323F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sar2130p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95696696-D2AE-4358-AF5D-3ED14F969964"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sar2130p:-:*:*:*:*:*:*:*","matchCriteriaId":"1A6FC469-463F-4EC1-B4EF-010BDB9BAA05"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"76910884-45D9-4EA2-BA30-44A8C7CC1339"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"33D393A6-4586-4416-86EB-F9D86DC3DED8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"72433485-B229-46A6-BCA4-394AA4EEA683"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"04D40EC4-BF31-4BFD-8D0A-8193F541AF02"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sdr753_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A49B142B-E8DC-4A79-B969-2C2FBE2E009A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sdr753:-:*:*:*:*:*:*:*","matchCriteriaId":"8A1A6C7D-EAB0-4D8D-9A3E-DA066F4ACF7D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7435_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F7A95A9E-617A-4D3A-9A4E-0C0A29B3C8B5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7435:-:*:*:*:*:*:*:*","matchCriteriaId":"3559292E-B5A6-4F88-BC20-F6AA85F07C97"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7525_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2410FF59-E0C0-4920-9656-C398DB06DEAE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7525:-:*:*:*:*:*:*:*","matchCriteriaId":"7D2B800C-4DBC-4028-875D-667C87D75247"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7550_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EEA5CE41-0596-4D38-9891-D1DF711EA7E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7550:-:*:*:*:*:*:*:*","matchCriteriaId":"E1A901C6-FB73-4361-B391-4A4AF8C70029"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7550p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5C5D7E2C-0955-4B6E-96E4-CFA06D937492"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7550p:-:*:*:*:*:*:*:*","matchCriteriaId":"9D1D0F33-AD5A-4826-9A06-EAD2A8709974"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C4CDD6A2-5A3C-4572-8CE1-2F102333BB79"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm8550p:-:*:*:*:*:*:*:*","matchCriteriaId":"699E5D17-6144-4F0A-8D52-1E8C83990E52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_4_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"55AECCCF-0761-46B6-B669-E73096679AFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_4_gen_2_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"7DE87CA2-160A-43BF-AC18-DA788501B5B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"5BB1FC5E-CF6F-4E54-B78D-C01AFD034903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_6_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EBB3BC1B-2EBC-457C-AE91-6BD408EB7D5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_6_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0870CC30-07F8-4FFF-85B4-FBACE947CC14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_6_gen_3_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D69E4203-EA20-4D6F-BD1C-C8E550588F87"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_6_gen_3_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"C1225010-5A08-4D13-A3E2-4C57C4265605"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"FE08D23A-2D0D-4472-8847-27B955F55165"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_7_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"677D5A3F-2A0D-48F0-A1C5-B067BADFD11A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_7_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"CB79B015-A401-4FAD-8818-1475653C2B12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_elite_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3EA50192-07B0-4404-93D4-EC4F3B1918B7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_elite:-:*:*:*:*:*:*:*","matchCriteriaId":"26C7FC48-08CB-4E50-B8D3-8AF30549FDF8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EB8FA32F-4690-4C5B-8968-474DA32FD0A4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"59BD8BEA-725A-4158-84BE-4AFD476ED03D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"60F5899C-BA8D-4B6B-BC61-F77B1EB64739"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_gen_2_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"D39AD7CE-A017-4D74-A348-9E4B08363799"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8\\+_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FEDF458-DEA7-42A1-A56D-E11250139545"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8\\+_gen_2_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"D5693438-0F20-47BB-BA32-7175C3152368"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"53E5BBDA-C07D-42E2-9A34-EC1F6454CAA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0BB2408F-C768-4DD2-B834-B62E188D6CC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A129620-8241-4A47-AAC8-CC7E10A09C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"4CEDD78E-124C-4216-9B57-3B7B53463659"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BF9740EB-F82E-42EA-993E-A393B05CC6BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"022A5532-03F7-4FB8-BA0D-4221178C9486"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0CD199F5-DA68-4BEB-AA99-11572DA26B4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"8ACA2D4D-FC77-4C1A-8278-1C27B3EA3303"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4B29E7F-8BFE-466A-B357-63F8A2160C4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"6D55CC7D-2E65-4CA9-9892-B6FBCC087E6F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD6444F6-A477-4B4C-8A09-C22C47CCE45B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E20681-4FC4-46E2-AF77-BCF03BC8E77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"568C5B08-AC42-48D3-8029-A65689EEBE75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2330p:-:*:*:*:*:*:*:*","matchCriteriaId":"56DD2B49-0A36-443C-BECB-4115E271A415"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2350p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA54D269-A94D-47CB-B3F1-7B163E453A67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2350p:-:*:*:*:*:*:*:*","matchCriteriaId":"F1D79422-1EA3-459A-8C4A-8A0FBE386036"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2503805B-B2A6-4AEE-8AB1-2B8A040702BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9371:-:*:*:*:*:*:*:*","matchCriteriaId":"D3AD370C-2ED0-43CF-83D9-50DC92A01CA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFDBB5B-0A4F-4032-874F-D2A7EF933FB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378:-:*:*:*:*:*:*:*","matchCriteriaId":"D28A12D6-CC60-4BE9-ADEE-FAB58B05440F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"896F1C04-9957-440F-BF01-C3772CC3B3DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9390:-:*:*:*:*:*:*:*","matchCriteriaId":"A90555EB-47A7-4717-92D5-35B561825F06"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"699056F6-1517-4F25-AE07-4FFCF6923B9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9395:-:*:*:*:*:*:*:*","matchCriteriaId":"E4C023D2-6FF5-4FFC-B9F2-895979166580"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*","matchCriteriaId":"120E8F0F-EBEB-4565-9927-2D473F783EF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4BFB25F-013B-48E3-99FF-3E8687F94423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*","matchCriteriaId":"BF676C5B-838B-446C-A689-6A25AB8A87E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1FAFC9FA-E6EF-44C5-BD50-2824C7711541"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6450:-:*:*:*:*:*:*:*","matchCriteriaId":"6F895CDD-F9BB-45AD-AE60-71F4549114A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"93398092-AF7C-4F04-874C-7E5B4CF7AB00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6650:-:*:*:*:*:*:*:*","matchCriteriaId":"7D242084-5844-4E43-8D7F-D2F8E3521F0C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2BC386D9-3D2B-40FA-A2D9-199BB138F46A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*","matchCriteriaId":"133FFD9F-FA09-4801-939B-AD1D507BE5FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2EB8794F-7998-424E-AF68-E4A4F9310F65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*","matchCriteriaId":"799D69CE-3FCC-4B19-8B00-9AF38111D983"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"57608D47-894C-4895-B4B3-4733D55D57DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*","matchCriteriaId":"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D765C392-5F38-4E6A-9E88-59629E7A6911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*","matchCriteriaId":"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15307882-7039-43E9-9BA3-035045988B99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*","matchCriteriaId":"AA85B322-E593-4499-829A-CC6D70BAE884"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*","matchCriteriaId":"7E870D82-DE3B-4199-A730-C8FB545BAA98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7ACAD26E-B79E-4659-91A5-D301281F7D36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*","matchCriteriaId":"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x1e80100_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"42F453E4-02CC-4E48-A25B-F1394069F524"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x1e80100:-:*:*:*:*:*:*:*","matchCriteriaId":"8A6671AE-3490-4D85-A20C-3DA26F7D7AEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv7209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC6C6243-E092-4903-BC20-E3B0CECBC790"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv7209:-:*:*:*:*:*:*:*","matchCriteriaId":"AAA33761-D61C-4A81-B233-5E2D50F3596F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv9209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3D693483-72F9-42B1-8EDA-8DABD537F428"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv9209:-:*:*:*:*:*:*:*","matchCriteriaId":"43F4A7D9-055D-475B-BFE4-61A86C7397F8"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-21379","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:53.850","lastModified":"2026-07-07T16:45:53.567","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when allocating memory with sizes that exceed the maximum allowed value."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"],"versions":[{"version":"AQT1000","status":"affected"},{"version":"Cologne","status":"affected"},{"version":"FastConnect 6200","status":"affected"},{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6800","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"IQX5121","status":"affected"},{"version":"IQX7181","status":"affected"},{"version":"QCA0000","status":"affected"},{"version":"QCA6391","status":"affected"},{"version":"QCA6420","status":"affected"},{"version":"QCA6430","status":"affected"},{"version":"QCM5430","status":"affected"},{"version":"QCM6490","status":"affected"},{"version":"Qualcomm Video Collaboration VC3 Platform","status":"affected"},{"version":"SC8380XP","status":"affected"},{"version":"Snapdragon 7c+ Gen 3 Compute","status":"affected"},{"version":"Snapdragon 8c Compute Platform \"Poipu Lite\"","status":"affected"},{"version":"Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\"","status":"affected"},{"version":"Snapdragon 8cx Compute Platform","status":"affected"},{"version":"Snapdragon 8cx Compute Platform \"Poipu Pro\"","status":"affected"},{"version":"Snapdragon 8cx Gen 2 5G Compute Platform","status":"affected"},{"version":"Snapdragon 8cx Gen 2 5G Compute Platform \"Poipu Pro\"","status":"affected"},{"version":"Snapdragon 8cx Gen 3 Compute Platform","status":"affected"},{"version":"WCD9340","status":"affected"},{"version":"WCD9341","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9378C","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WSA8810","status":"affected"},{"version":"WSA8815","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8835","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"X2000077","status":"affected"},{"version":"X2000086","status":"affected"},{"version":"X2000090","status":"affected"},{"version":"X2000092","status":"affected"},{"version":"X2000094","status":"affected"},{"version":"XG101002","status":"affected"},{"version":"XG101032","status":"affected"},{"version":"XG101039","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-21379","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-126"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EC6FCE91-BF38-49ED-8FFB-429BAFEE7832"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*","matchCriteriaId":"715A9F94-5F9E-45E5-B07B-699410C01478"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:cologne_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8FF959C0-5AAB-4DC5-AE8F-4EFA21A00B5E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:cologne:-:*:*:*:*:*:*:*","matchCriteriaId":"E31E0C48-FB61-47C8-B28B-3A701E85E126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CDE1CBDE-3D28-463C-B215-AA7DF373EF09"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*","matchCriteriaId":"66BD3B88-7CF9-482D-A2DD-67F6ACF4CC57"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D89F035A-2388-48FC-AEBB-8429C6880F4A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*","matchCriteriaId":"CA13EF4E-AAE6-45F4-9E41-78310E37CE81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:iqx5121_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"499A2520-436C-4B12-849D-98B94088CCDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:iqx5121:-:*:*:*:*:*:*:*","matchCriteriaId":"4C34A825-C928-4F8F-B076-19F8787A3440"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:iqx7181_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F58C10B5-2BB1-4A8F-AF4B-2EC791C9FBBE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:iqx7181:-:*:*:*:*:*:*:*","matchCriteriaId":"9EE22328-BBF8-473C-8F89-58AEF8CC9D75"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca0000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC941093-1A7C-47B2-AB3B-05AE4AE2FBE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca0000:-:*:*:*:*:*:*:*","matchCriteriaId":"7A2AA834-C17C-4E0E-A510-795818041E47"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"83B53119-1B2F-4978-B7F5-33B84BE73B68"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*","matchCriteriaId":"6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7E16994A-6DBA-426C-ADD2-B1E8B49FEDBF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*","matchCriteriaId":"47E674DE-55AB-44E5-8E00-C804FC9D4DC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95AFC483-1468-43FC-96FA-A56165C290E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*","matchCriteriaId":"0A963FDF-6FF4-4F48-834E-2A14D241716D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*","matchCriteriaId":"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*","matchCriteriaId":"99AA0291-B822-4CAD-BA17-81B632FC3FEF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DD4946C6-778F-4542-AB77-C9B86AF25C05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"6F1D604A-4530-42B3-80A0-58A82D658DDD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_7c\\+_gen_3_compute_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C4A050CA-8514-400A-A6B3-F513CC93CA14"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_7c\\+_gen_3_compute:-:*:*:*:*:*:*:*","matchCriteriaId":"BD850305-1E76-4952-A3FB-F6229CBF7FE9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DC63E59F-CB68-435C-B1A4-7DA5D722142F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"088D62A3-1FE5-42D6-9231-41DDE4DA37EF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8c_compute_platform_\\(sc8180xp-ad\\)_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E81ADBDE-BC6C-4FA2-B33F-553A8E42BB9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8c_compute_platform_\\(sc8180xp-ad\\):-:*:*:*:*:*:*:*","matchCriteriaId":"F7A79274-E042-47F0-82C1-F3FFEF0BC058"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"36903AF3-4E2D-4990-B021-A1D980229077"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"472928D4-90F4-402D-B1F2-0CE358326A10"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8cx_compute_platform_\\\"poipu_pro\\\"_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C0D26DE7-964B-4B01-90E1-1D1E87522940"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8cx_compute_platform_\\\"poipu_pro\\\":-:*:*:*:*:*:*:*","matchCriteriaId":"651EE0A5-D583-4D99-89B0-A81A51EAF46B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C7ACDB5B-A32C-43A1-9086-D081E9FFF9AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"583E50CC-2017-4092-A21E-7AAC53F53A25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\"poipu_pro\\\"_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"969BA39F-1068-49F3-8EF2-A5F64C5A57DA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8cx_gen_2_5g_compute_platform_\\\"poipu_pro\\\":-:*:*:*:*:*:*:*","matchCriteriaId":"A7A57DE6-615E-45C5-9CCD-2A12905EC368"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8cx_gen_3_compute_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7C155F86-467F-4B57-950E-12FAAB570B01"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8cx_gen_3_compute_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"71E06B94-9463-49A6-B816-E8A82BEA8545"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*","matchCriteriaId":"94D2BDF1-764C-48BA-8944-3275E8768078"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CE852339-1CAE-4983-9757-8F00EDEF1141"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*","matchCriteriaId":"4D9E96B3-F1BB-46F8-B715-7DF90180F1E1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95D79E3A-1978-4B23-B60B-2BD47FEDF5C2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378c:-:*:*:*:*:*:*:*","matchCriteriaId":"91B32C89-3238-4FDF-BB3F-F6BAE829769B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15307882-7039-43E9-9BA3-035045988B99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*","matchCriteriaId":"AA85B322-E593-4499-829A-CC6D70BAE884"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*","matchCriteriaId":"7E870D82-DE3B-4199-A730-C8FB545BAA98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000077_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A91D253E-0E24-474F-B016-0AC783812EBF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000077:-:*:*:*:*:*:*:*","matchCriteriaId":"DF588C55-E61D-46C6-98C3-647748AB0192"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000086_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E763DC2C-2D41-483D-8763-8518AAFC8B09"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000086:-:*:*:*:*:*:*:*","matchCriteriaId":"2DD6A8C6-F716-42F3-A16A-70CDD2F72BCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000090_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"21436FFF-DC3A-4279-85BB-1D2F9D270FFC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000090:-:*:*:*:*:*:*:*","matchCriteriaId":"991A3700-C97D-4495-8281-A11E0472930C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000092_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E23F8167-8C43-4CCC-B95B-1BF8462E1E90"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000092:-:*:*:*:*:*:*:*","matchCriteriaId":"65E7DF1E-5CDE-4DF0-A952-A01BF059EB96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000094_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"789E6127-504B-4B50-B5C7-C7F7933378A1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000094:-:*:*:*:*:*:*:*","matchCriteriaId":"5A029C9E-9F11-4D07-BD80-B9D00A379AAD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xg101002_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B7EAE86E-AC65-4C37-A23E-E4C9DBFDEE48"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xg101002:-:*:*:*:*:*:*:*","matchCriteriaId":"71E5EA1A-F5AE-42B6-804B-59FE6016A691"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xg101032_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"45E15ACE-6573-43FC-8B38-A3B760C8B60D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xg101032:-:*:*:*:*:*:*:*","matchCriteriaId":"96CF3B92-6AA8-4494-A047-C0DAB82C01D9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xg101039_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4C8F081D-479F-492A-9580-8EBE8011DA4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xg101039:-:*:*:*:*:*:*:*","matchCriteriaId":"9A96C6B0-5B33-45DA-B3B1-AD304B7AE313"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-21384","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:54.097","lastModified":"2026-07-07T17:27:33.407","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon Auto","Snapdragon Compute","Snapdragon Consumer IOT","Snapdragon Industrial IOT","Snapdragon Mobile"],"versions":[{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"LeMans_AU_LGIT","status":"affected"},{"version":"LeMansAU","status":"affected"},{"version":"Netrani","status":"affected"},{"version":"Pandeiro","status":"affected"},{"version":"QAM8255P","status":"affected"},{"version":"QAMSRV1H","status":"affected"},{"version":"QAMSRV1M","status":"affected"},{"version":"QCA6595","status":"affected"},{"version":"QCA6595AU","status":"affected"},{"version":"QCA6678AQ","status":"affected"},{"version":"QCA6698AQ","status":"affected"},{"version":"QCA6698AU","status":"affected"},{"version":"QCA6797AQ","status":"affected"},{"version":"QCM4490","status":"affected"},{"version":"QCM5430","status":"affected"},{"version":"QCM6490","status":"affected"},{"version":"QCM8838","status":"affected"},{"version":"QCS4490","status":"affected"},{"version":"QCS8550","status":"affected"},{"version":"QLN1083BD","status":"affected"},{"version":"QLN1086BD","status":"affected"},{"version":"QPA1083BD","status":"affected"},{"version":"QPA1086BD","status":"affected"},{"version":"Qualcomm Video Collaboration VC3 Platform","status":"affected"},{"version":"QXM1093","status":"affected"},{"version":"QXM1094","status":"affected"},{"version":"QXM1095","status":"affected"},{"version":"QXM1096","status":"affected"},{"version":"SA7255P","status":"affected"},{"version":"SA7775P","status":"affected"},{"version":"SA8255P","status":"affected"},{"version":"SA8620P","status":"affected"},{"version":"SA8770P","status":"affected"},{"version":"SA9000P","status":"affected"},{"version":"SAR2130P","status":"affected"},{"version":"SC8380XP","status":"affected"},{"version":"SD 8 Gen1 5G","status":"affected"},{"version":"SD865 5G","status":"affected"},{"version":"SDR753","status":"affected"},{"version":"SM7435","status":"affected"},{"version":"Snapdragon 4 Gen 2 Mobile Platform","status":"affected"},{"version":"Snapdragon 460 Mobile Platform","status":"affected"},{"version":"Snapdragon 6 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 6 Gen 3 Mobile Platform","status":"affected"},{"version":"Snapdragon 662 Mobile Platform","status":"affected"},{"version":"Snapdragon 7 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon 8 Elite","status":"affected"},{"version":"Snapdragon 8 Gen 1 Mobile Platform","status":"affected"},{"version":"Snapdragon AR1 Gen 1 Platform","status":"affected"},{"version":"Snapdragon XR2 5G Platform","status":"affected"},{"version":"Snapdragon XR2+ Gen 1 Platform","status":"affected"},{"version":"SRV1H","status":"affected"},{"version":"SRV1M","status":"affected"},{"version":"SXR2230P","status":"affected"},{"version":"SXR2330P","status":"affected"},{"version":"SXR2350P","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WCN3950","status":"affected"},{"version":"WCN3988","status":"affected"},{"version":"WCN6755","status":"affected"},{"version":"WCN7860","status":"affected"},{"version":"WCN7861","status":"affected"},{"version":"WCN7881","status":"affected"},{"version":"WSA8810","status":"affected"},{"version":"WSA8815","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8832","status":"affected"},{"version":"WSA8835","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"XRV7209","status":"affected"},{"version":"XRV9209","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.1,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:31.457378Z","id":"CVE-2026-21384","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemans_au_lgit_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5767FE95-737F-4C20-A5AB-EC641A68D906"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemans_au_lgit:-:*:*:*:*:*:*:*","matchCriteriaId":"33323A49-9267-421B-96E1-80C5FA709EBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:lemansau_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2DF0ED3F-C98B-458E-ADCC-C922402BB185"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:lemansau:-:*:*:*:*:*:*:*","matchCriteriaId":"102A4B5E-1739-4C31-A626-ABF6B02FEE29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:netrani_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9C52A53B-1182-47F3-9800-D8C58F954277"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:netrani:-:*:*:*:*:*:*:*","matchCriteriaId":"BEC1F084-78C8-4413-940A-47E9554CB6D0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"23F8EF0C-BB48-47E1-A045-254D79388F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:pandeiro:-:*:*:*:*:*:*:*","matchCriteriaId":"058950FC-ED72-4E91-AE13-87E738ADC083"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3723C7B1-A7E2-401F-8D6D-189350F6BCA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qam8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"B12B89EF-7B12-481E-BCBC-F12B9D16321A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F8673334-5E11-4E95-B33D-3029499F71DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"EC0B32F6-5EF0-4591-99D7-D0E9B09DEC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CE03AB2A-3ED9-4489-8E5B-4FCF8BAA8559"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qamsrv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"9E646738-6A87-4470-9640-6A5A1DF3AF78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"643EC76D-2836-48E6-81DA-78C4883C33CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6595:-:*:*:*:*:*:*:*","matchCriteriaId":"477F6529-4CE1-44FC-B6EE-D24D44C71AE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"288F637F-22F8-47CF-B67F-C798A730A1BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*","matchCriteriaId":"D0996EA3-1C92-4933-BE34-9CF625E59FE7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D001127D-8160-42F0-B8B9-2FAA2976B530"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6678aq:-:*:*:*:*:*:*:*","matchCriteriaId":"C9EB615F-FD4C-450B-AB25-E936FD9816C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5FA1F8F4-EAF2-4704-A8A6-19AD3CA1B577"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6698aq:-:*:*:*:*:*:*:*","matchCriteriaId":"B3F7853D-09EE-476F-B48D-BB30AEB4A67D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6698au_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3ACA09C0-84A5-493A-A9BD-EF95A8330D54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6698au:-:*:*:*:*:*:*:*","matchCriteriaId":"3A2397BD-431C-4730-92E3-17A5C2445A65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"797295C2-535C-46A9-A725-E1A5405F0436"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6797aq:-:*:*:*:*:*:*:*","matchCriteriaId":"8BFC575E-594E-4711-94B1-2DC8D03B9AC4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DA506489-4338-44DF-8F92-12E60AF0048C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*","matchCriteriaId":"A8718C37-A82A-4A08-A887-3F22B37601A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*","matchCriteriaId":"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*","matchCriteriaId":"99AA0291-B822-4CAD-BA17-81B632FC3FEF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm8838_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7C6535AE-8680-4AB9-ABF6-82DAE1795531"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm8838:-:*:*:*:*:*:*:*","matchCriteriaId":"9C3FEACB-1AE1-4BF2-9552-C31A32DCCA9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3336CDD7-9E7B-4FFB-A5CE-594B19B63A6C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs4490:-:*:*:*:*:*:*:*","matchCriteriaId":"1197E229-1E27-4CA3-A386-B77FAE5DFE1A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FFF23DDB-98A0-4343-ADD3-5AB9C2383E7E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcs8550:-:*:*:*:*:*:*:*","matchCriteriaId":"5ACB8AFB-5B91-4AA1-BA3A-1AF0B3503080"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FD70F234-1EE7-4362-97F6-5AEDB7078D03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"C569A848-B70C-42EF-B6D5-4A86547586EE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qln1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F218DF06-C40A-4738-ABB5-A3FA2243EF84"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qln1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2A0CD0-66FA-45D6-BBC7-03641203EC73"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1083bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B0208F7B-A959-485E-B004-A34CB7C7C4C9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1083bd:-:*:*:*:*:*:*:*","matchCriteriaId":"FBDAC812-4603-4D24-A861-23825E32D44E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qpa1086bd_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7F6DEF72-A8FF-4B67-AA6C-5CB4AA7B35E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qpa1086bd:-:*:*:*:*:*:*:*","matchCriteriaId":"00EF6875-B088-40BD-A526-C962789CDC5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DD4946C6-778F-4542-AB77-C9B86AF25C05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"6F1D604A-4530-42B3-80A0-58A82D658DDD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1093_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9A46B609-BD06-4BB7-B055-1F71C555E93D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1093:-:*:*:*:*:*:*:*","matchCriteriaId":"59598462-1E53-4F6D-BAB5-06ACEDF6CD9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1094_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8F30D66E-2802-4394-BC39-5E04711234FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1094:-:*:*:*:*:*:*:*","matchCriteriaId":"078EC383-784F-4468-B94C-AE7CC9808419"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1095_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B7B67C93-0453-4696-8F3D-0AD664922C44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1095:-:*:*:*:*:*:*:*","matchCriteriaId":"D61C46AA-9130-46A8-BD04-8B4235118B81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm1096_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2D5E44-48F6-41E8-A38B-A2E070E16AA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm1096:-:*:*:*:*:*:*:*","matchCriteriaId":"9BD0372F-5140-4966-9A27-6B5A606C0665"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2B651F0A-34DA-400F-A376-B499BFDF8E86"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7255p:-:*:*:*:*:*:*:*","matchCriteriaId":"4CFF093D-98C8-470F-8330-E5126E06343A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6C32CA38-5D48-4108-9858-FD66E20CAF2F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa7775p:-:*:*:*:*:*:*:*","matchCriteriaId":"E1997F8B-17B8-4DE3-BCF7-726928720592"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EC6E268D-C4AF-4950-9223-39EA36D538A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8255p:-:*:*:*:*:*:*:*","matchCriteriaId":"073C1A81-D02B-4F2F-9378-CD1B2DCE0E5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6ACE6D64-A498-482F-8270-718F4884CFFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8620p:-:*:*:*:*:*:*:*","matchCriteriaId":"B6E016D6-1B83-4261-A27E-1F9873F81E14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"781CCC31-C08F-499B-BE73-6C7DB70437AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa8770p:-:*:*:*:*:*:*:*","matchCriteriaId":"75AFAA21-0589-4C6A-9418-34EE8A61BBAD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A024AB04-B213-4018-A4C1-FA467C7BA775"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*","matchCriteriaId":"A2A8AB7C-5D34-4794-8C06-2193075B323F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sar2130p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95696696-D2AE-4358-AF5D-3ED14F969964"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sar2130p:-:*:*:*:*:*:*:*","matchCriteriaId":"1A6FC469-463F-4EC1-B4EF-010BDB9BAA05"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"76910884-45D9-4EA2-BA30-44A8C7CC1339"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd_8_gen1_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"33D393A6-4586-4416-86EB-F9D86DC3DED8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"72433485-B229-46A6-BCA4-394AA4EEA683"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*","matchCriteriaId":"04D40EC4-BF31-4BFD-8D0A-8193F541AF02"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sdr753_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A49B142B-E8DC-4A79-B969-2C2FBE2E009A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sdr753:-:*:*:*:*:*:*:*","matchCriteriaId":"8A1A6C7D-EAB0-4D8D-9A3E-DA066F4ACF7D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sm7435_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F7A95A9E-617A-4D3A-9A4E-0C0A29B3C8B5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sm7435:-:*:*:*:*:*:*:*","matchCriteriaId":"3559292E-B5A6-4F88-BC20-F6AA85F07C97"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_4_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"55AECCCF-0761-46B6-B669-E73096679AFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_4_gen_2_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"7DE87CA2-160A-43BF-AC18-DA788501B5B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"5BB1FC5E-CF6F-4E54-B78D-C01AFD034903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_6_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EBB3BC1B-2EBC-457C-AE91-6BD408EB7D5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_6_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0870CC30-07F8-4FFF-85B4-FBACE947CC14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_6_gen_3_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D69E4203-EA20-4D6F-BD1C-C8E550588F87"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_6_gen_3_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"C1225010-5A08-4D13-A3E2-4C57C4265605"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"FE08D23A-2D0D-4472-8847-27B955F55165"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_7_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"677D5A3F-2A0D-48F0-A1C5-B067BADFD11A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_7_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"CB79B015-A401-4FAD-8818-1475653C2B12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_elite_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3EA50192-07B0-4404-93D4-EC4F3B1918B7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_elite:-:*:*:*:*:*:*:*","matchCriteriaId":"26C7FC48-08CB-4E50-B8D3-8AF30549FDF8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EB8FA32F-4690-4C5B-8968-474DA32FD0A4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"59BD8BEA-725A-4158-84BE-4AFD476ED03D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"53E5BBDA-C07D-42E2-9A34-EC1F6454CAA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"0BB2408F-C768-4DD2-B834-B62E188D6CC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A129620-8241-4A47-AAC8-CC7E10A09C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"4CEDD78E-124C-4216-9B57-3B7B53463659"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_xr2\\+_gen_1_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BF9740EB-F82E-42EA-993E-A393B05CC6BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_xr2\\+_gen_1_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"022A5532-03F7-4FB8-BA0D-4221178C9486"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0CD199F5-DA68-4BEB-AA99-11572DA26B4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1h:-:*:*:*:*:*:*:*","matchCriteriaId":"8ACA2D4D-FC77-4C1A-8278-1C27B3EA3303"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4B29E7F-8BFE-466A-B357-63F8A2160C4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:srv1m:-:*:*:*:*:*:*:*","matchCriteriaId":"6D55CC7D-2E65-4CA9-9892-B6FBCC087E6F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD6444F6-A477-4B4C-8A09-C22C47CCE45B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E20681-4FC4-46E2-AF77-BCF03BC8E77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"568C5B08-AC42-48D3-8029-A65689EEBE75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2330p:-:*:*:*:*:*:*:*","matchCriteriaId":"56DD2B49-0A36-443C-BECB-4115E271A415"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sxr2350p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA54D269-A94D-47CB-B3F1-7B163E453A67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sxr2350p:-:*:*:*:*:*:*:*","matchCriteriaId":"F1D79422-1EA3-459A-8C4A-8A0FBE386036"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*","matchCriteriaId":"120E8F0F-EBEB-4565-9927-2D473F783EF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4BFB25F-013B-48E3-99FF-3E8687F94423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*","matchCriteriaId":"BF676C5B-838B-446C-A689-6A25AB8A87E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2BC386D9-3D2B-40FA-A2D9-199BB138F46A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*","matchCriteriaId":"133FFD9F-FA09-4801-939B-AD1D507BE5FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2EB8794F-7998-424E-AF68-E4A4F9310F65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7860:-:*:*:*:*:*:*:*","matchCriteriaId":"799D69CE-3FCC-4B19-8B00-9AF38111D983"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"57608D47-894C-4895-B4B3-4733D55D57DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*","matchCriteriaId":"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D765C392-5F38-4E6A-9E88-59629E7A6911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*","matchCriteriaId":"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15307882-7039-43E9-9BA3-035045988B99"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*","matchCriteriaId":"AA85B322-E593-4499-829A-CC6D70BAE884"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*","matchCriteriaId":"7E870D82-DE3B-4199-A730-C8FB545BAA98"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7ACAD26E-B79E-4659-91A5-D301281F7D36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*","matchCriteriaId":"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv7209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC6C6243-E092-4903-BC20-E3B0CECBC790"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv7209:-:*:*:*:*:*:*:*","matchCriteriaId":"AAA33761-D61C-4A81-B233-5E2D50F3596F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xrv9209_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3D693483-72F9-42B1-8EDA-8DABD537F428"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xrv9209:-:*:*:*:*:*:*:*","matchCriteriaId":"43F4A7D9-055D-475B-BFE4-61A86C7397F8"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-25268","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:54.730","lastModified":"2026-07-07T16:37:11.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon Auto","Snapdragon Compute","Snapdragon Consumer IOT","Snapdragon Industrial IOT","Snapdragon Mobile","Snapdragon WBC","Snapdragon Wired Infrastructure and Networking"],"versions":[{"version":"5G Fixed Wireless Access Platform","status":"affected"},{"version":"AR8035","status":"affected"},{"version":"CQ7790","status":"affected"},{"version":"CQ8725S","status":"affected"},{"version":"CSR8811","status":"affected"},{"version":"FastConnect 6700","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"FWA Gen 3 Ultra Platform","status":"affected"},{"version":"FWA Gen 5 Elite Platform","status":"affected"},{"version":"Immersive Home 214 Platform","status":"affected"},{"version":"Immersive Home 216 Platform","status":"affected"},{"version":"Immersive Home 316 Platform","status":"affected"},{"version":"Immersive Home 318 Platform","status":"affected"},{"version":"Immersive Home 3210 Platform","status":"affected"},{"version":"Immersive Home 326 Platform","status":"affected"},{"version":"IPQ5010","status":"affected"},{"version":"IPQ5028","status":"affected"},{"version":"IPQ5300","status":"affected"},{"version":"IPQ5302","status":"affected"},{"version":"IPQ5312","status":"affected"},{"version":"IPQ5332","status":"affected"},{"version":"IPQ6000","status":"affected"},{"version":"IPQ6010","status":"affected"},{"version":"IPQ6018","status":"affected"},{"version":"IPQ8076","status":"affected"},{"version":"IPQ8078","status":"affected"},{"version":"IPQ9008","status":"affected"},{"version":"IPQ9048","status":"affected"},{"version":"IPQ9554","status":"affected"},{"version":"IPQ9570","status":"affected"},{"version":"IPQ9574","status":"affected"},{"version":"Kobuk","status":"affected"},{"version":"Marina","status":"affected"},{"version":"Networking Pro 1200 Platform","status":"affected"},{"version":"Networking Pro 1210 Platform","status":"affected"},{"version":"Networking Pro 1610 Platform","status":"affected"},{"version":"Networking Pro 400 Platform","status":"affected"},{"version":"Networking Pro 600 Platform","status":"affected"},{"version":"Networking Pro 610 Platform","status":"affected"},{"version":"Networking Pro 800 Platform","status":"affected"},{"version":"Networking Pro 810 Platform","status":"affected"},{"version":"Orne","status":"affected"},{"version":"QCA0000","status":"affected"},{"version":"QCA4024","status":"affected"},{"version":"QCA6174A","status":"affected"},{"version":"QCA8075","status":"affected"},{"version":"QCA8080","status":"affected"},{"version":"QCA8081","status":"affected"},{"version":"QCA8082","status":"affected"},{"version":"QCA8084","status":"affected"},{"version":"QCA8085","status":"affected"},{"version":"QCA8101","status":"affected"},{"version":"QCA8102","status":"affected"},{"version":"QCA8111","status":"affected"},{"version":"QCA8112","status":"affected"},{"version":"QCA8337","status":"affected"},{"version":"QCA8384","status":"affected"},{"version":"QCA8385","status":"affected"},{"version":"QCA8386","status":"affected"},{"version":"QCA9888","status":"affected"},{"version":"QCA9889","status":"affected"},{"version":"QCC710","status":"affected"},{"version":"QCF8000","status":"affected"},{"version":"QCF8001","status":"affected"},{"version":"QCM5430","status":"affected"},{"version":"QCM6490","status":"affected"},{"version":"QCN5022","status":"affected"},{"version":"QCN5024","status":"affected"},{"version":"QCN5052","status":"affected"},{"version":"QCN5122","status":"affected"},{"version":"QCN5124","status":"affected"},{"version":"QCN5152","status":"affected"},{"version":"QCN5154","status":"affected"},{"version":"QCN5164","status":"affected"},{"version":"QCN5224","status":"affected"},{"version":"QCN6023","status":"affected"},{"version":"QCN6024","status":"affected"},{"version":"QCN6112","status":"affected"},{"version":"QCN6122","status":"affected"},{"version":"QCN6132","status":"affected"},{"version":"QCN6224","status":"affected"},{"version":"QCN6274","status":"affected"},{"version":"QCN6402","status":"affected"},{"version":"QCN6412","status":"affected"},{"version":"QCN6422","status":"affected"},{"version":"QCN6432","status":"affected"},{"version":"QCN9000","status":"affected"},{"version":"QCN9012","status":"affected"},{"version":"QCN9013","status":"affected"},{"version":"QCN9022","status":"affected"},{"version":"QCN9024","status":"affected"},{"version":"QCN9070","status":"affected"},{"version":"QCN9100","status":"affected"},{"version":"QCN9160","status":"affected"},{"version":"QCN9274","status":"affected"},{"version":"QFW7114","status":"affected"},{"version":"QFW7124","status":"affected"},{"version":"QFW7224","status":"affected"},{"version":"QMX82L","status":"affected"},{"version":"QMX85L","status":"affected"},{"version":"Qualcomm Video Collaboration VC3 Platform","status":"affected"},{"version":"QXM8083","status":"affected"},{"version":"SAR2130P","status":"affected"},{"version":"SDX61","status":"affected"},{"version":"SDX65M","status":"affected"},{"version":"SDX81","status":"affected"},{"version":"Snapdragon 460 Mobile Platform","status":"affected"},{"version":"Snapdragon 662 Mobile Platform","status":"affected"},{"version":"Snapdragon Auto 5G Modem-RF","status":"affected"},{"version":"Snapdragon X62 5G Modem-RF System","status":"affected"},{"version":"Snapdragon X65 5G Modem-RF System","status":"affected"},{"version":"Snapdragon X72 5G Modem-RF System","status":"affected"},{"version":"Snapdragon X75 5G Modem-RF System","status":"affected"},{"version":"SW-only","status":"affected"},{"version":"WCD9340","status":"affected"},{"version":"WCD9370","status":"affected"},{"version":"WCD9375","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WCN3950","status":"affected"},{"version":"WCN3988","status":"affected"},{"version":"WCN6755","status":"affected"},{"version":"WCN7861","status":"affected"},{"version":"WCN7881","status":"affected"},{"version":"WSA8830","status":"affected"},{"version":"WSA8832","status":"affected"},{"version":"WSA8835","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-25268","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F80BC68E-7476-4A40-9F48-53722FE9A5BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*","matchCriteriaId":"6B36F4B2-BAA3-45AD-9967-0EB482C99708"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:5g_fixed_wireless_access_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C9D9ABF8-3D6C-415B-B6F9-9A430D08E335"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:5g_fixed_wireless_access_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"CF1134A5-796D-476B-A0E6-4BDD7A96A109"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C88B9C86-2E8E-4DCE-A30C-02977CC00F00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*","matchCriteriaId":"EE473A5A-5CFC-4F08-A173-30717F8BD0D7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:cq7790_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D9FEBA60-92CC-4660-B410-74A9D0AEB7B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:cq7790:-:*:*:*:*:*:*:*","matchCriteriaId":"25B3F423-6AF3-472A-A178-21776C708A88"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:cq8725s_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C6143A36-BA18-432C-A6BB-2F33B1509C44"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:cq8725s:-:*:*:*:*:*:*:*","matchCriteriaId":"09EE5F30-46A6-423B-94AF-E7F4DAB532CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C359D1E7-6E0A-41B5-ABE5-B55598960700"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca4024:-:*:*:*:*:*:*:*","matchCriteriaId":"B4DC3CE7-0C4A-458B-A42E-8F80C062DD5F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4FF653D0-15CF-4A10-8D8E-BE56F4DAB890"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*","matchCriteriaId":"C31FA74C-6659-4457-BC32-257624F43C66"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC8A5A87-7D62-4EB7-962A-0F160DE3E889"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8075:-:*:*:*:*:*:*:*","matchCriteriaId":"7B68D126-7F49-4FFA-8AF8-78120973D78E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8080_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FC553591-A429-48B6-B378-CDF0A2173EA2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8080:-:*:*:*:*:*:*:*","matchCriteriaId":"3A0E183F-C9E7-4B6A-8470-44BA77DA4E2E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1D1C53DC-D2F3-4C92-9725-9A85340AF026"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*","matchCriteriaId":"ED0585FF-E390-46E8-8701-70964A4057BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EB1F2E8B-1ED2-473D-AFD8-F2590F6BD414"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8082:-:*:*:*:*:*:*:*","matchCriteriaId":"FBDA9657-7D30-41FD-8112-F53E6C69D53A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1B9045A8-BA53-43C4-B24D-5EF320DE7A4A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8084:-:*:*:*:*:*:*:*","matchCriteriaId":"3D6E8939-AFA3-41AC-B811-BCC282A43106"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B87335A8-DC52-478E-B19F-0C4CC63132EA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8085:-:*:*:*:*:*:*:*","matchCriteriaId":"99C34523-FE2A-4DDC-9A8A-D9072F3D0FD3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8101_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A7F8D18-C53F-4C0E-AC2E-4FE6B7F9D4D0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8101:-:*:*:*:*:*:*:*","matchCriteriaId":"6C2EE327-06BA-41AF-807B-A16875CE5BD5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8102_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BDB37850-3613-4F72-B559-3BD8CA59A1A1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8102:-:*:*:*:*:*:*:*","matchCriteriaId":"F482A96D-3BB1-4FFC-8F26-0E6E9AA4F4D4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8111_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"15A9FAB1-9A90-4CE4-A00F-04703659BB4A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8111:-:*:*:*:*:*:*:*","matchCriteriaId":"09ADD6B3-8876-469A-83D1-0DF12756D6EE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8112_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8C25D65C-0F25-49EE-8CD6-16472D081509"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8112:-:*:*:*:*:*:*:*","matchCriteriaId":"7275DCA9-8429-4C1E-9911-298743E67326"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2FA8F9DA-1386-4961-B9B2-484E4347852A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8337:-:*:*:*:*:*:*:*","matchCriteriaId":"117289C8-7484-4EAE-8F35-A25768F00EED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8384_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CFE75D55-09F1-4980-AEE7-E4BF80DE8C9B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8384:-:*:*:*:*:*:*:*","matchCriteriaId":"B62AF79F-88EA-421C-89AE-4F3A8DA563D8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"840E8FE5-5496-4C36-A6DD-5A1AA42FD039"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8385:-:*:*:*:*:*:*:*","matchCriteriaId":"1C60AC74-A676-4BA9-8709-B834241B0D78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"08E9E6CB-2216-4AF2-81C2-D482598298BE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca8386:-:*:*:*:*:*:*:*","matchCriteriaId":"4774FAA6-6141-4B08-819C-58D4D9A2B69F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca9888_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EF227702-EEFC-43CC-AC80-81EA6E4927E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca9888:-:*:*:*:*:*:*:*","matchCriteriaId":"AE5DFEA5-EA29-40B6-83DB-883B276E8245"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca9889_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"728CCD27-ED06-49FD-AECD-9B0856813EDF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca9889:-:*:*:*:*:*:*:*","matchCriteriaId":"1D181868-AE93-4116-B45F-81D94F537227"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcc710_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2A75D017-032F-4369-917C-567EE2A809F2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcc710:-:*:*:*:*:*:*:*","matchCriteriaId":"107F0423-608C-404D-B58B-616A6494418F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcf8000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9A05AC12-9E7A-4837-A447-1718396011FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcf8000:-:*:*:*:*:*:*:*","matchCriteriaId":"8E3FF297-D849-45AE-AAB8-DDEA64A23FF3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcf8001_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"287199B4-9CBB-4290-BDB3-ABBB41794259"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcf8001:-:*:*:*:*:*:*:*","matchCriteriaId":"142DC510-DD92-4174-8B37-4D239573661E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4EC5F81B-AA24-4E3C-9FC8-53E010AC977E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*","matchCriteriaId":"B5C66DAD-0D85-46B8-92D7-6D68B9429E9A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ADD6D51E-5787-42A6-8A02-4EBBAFFF9C94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*","matchCriteriaId":"99AA0291-B822-4CAD-BA17-81B632FC3FEF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"478B79F0-D257-41B2-965B-3E251A584D45"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*","matchCriteriaId":"8B6D2C9D-1BF9-4D78-90FB-B7633DD87E67"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn5024_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"63965F19-033E-4755-B9CA-EF409EC339A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn5024:-:*:*:*:*:*:*:*","matchCriteriaId":"CCA0E68F-6D5F-4C20-AABC-26CA6867D3D6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"85740DB4-3B08-48A4-ACAF-7BBB2612009A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*","matchCriteriaId":"8A0BD404-5EBA-4988-91B6-ECE8FCF4F041"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"290BFC8A-0D76-4BCD-B059-2DAFD368A10C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*","matchCriteriaId":"936A308A-92B9-468C-9BC6-8FD71C7C2315"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2A9F76FF-96D3-4BCE-918D-B3B0ADA3E8E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*","matchCriteriaId":"2908A543-EFE4-477D-9CF3-76534B2E6CF6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0EAE1EBF-AD14-4C07-99B5-2547A5196B20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*","matchCriteriaId":"D4829FF9-C0BA-4E40-A01A-3EF179462029"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn5154_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0ED3ED74-C2D0-4A84-A2F8-392818E5CD20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn5154:-:*:*:*:*:*:*:*","matchCriteriaId":"4F1CA219-959D-481A-8622-69F1825832FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn5164_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5F6EAD64-D133-42C4-92ED-90C49938C0F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn5164:-:*:*:*:*:*:*:*","matchCriteriaId":"93E7ED58-C5A7-4F78-8233-750780CCAB16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn5224_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9242D662-65B5-4EE4-85F7-AB4864962A9E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn5224:-:*:*:*:*:*:*:*","matchCriteriaId":"F15FC87F-8E22-433E-A1EB-46982FFCD033"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"63FF89C5-3BBF-4A13-8A3B-F490C2FA1A95"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*","matchCriteriaId":"6784EC5F-2C26-49C5-9A03-6FD2056C04EF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A49DBE04-E2EA-4DA1-B774-A878A71524AC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*","matchCriteriaId":"69E98386-3BB2-4E8C-AD00-E05123608439"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6112_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6300827E-F6F0-490B-8043-38DD415E3161"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6112:-:*:*:*:*:*:*:*","matchCriteriaId":"58F6B4C5-2C26-4A13-BA10-5B70805AD8B6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6122_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A988BD3-71D8-4F2B-9EC2-8E385B114114"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6122:-:*:*:*:*:*:*:*","matchCriteriaId":"1E7049A3-9F35-465F-9B2E-96788E54EC63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6132_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A59FBBDC-0495-422C-B25A-FFDF94D33C34"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6132:-:*:*:*:*:*:*:*","matchCriteriaId":"F6E55C06-45EE-4144-8CBC-4D41DDE4D899"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5F4362D2-30A3-4388-ABB6-293878AD7036"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6224:-:*:*:*:*:*:*:*","matchCriteriaId":"BB6AE9A7-386A-473B-9BD5-DA37B1E696C5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"88376C1D-AC4D-4EB0-AF6A-274D020F5859"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6274:-:*:*:*:*:*:*:*","matchCriteriaId":"E15BA4B4-C97F-45C0-A4AD-7E46387F19A6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6402_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0C46FCBE-C6AC-4715-8E16-6B070A222452"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6402:-:*:*:*:*:*:*:*","matchCriteriaId":"2A27FD2C-695B-4A5E-9715-5683E868809E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D4CAA848-413D-4C63-823B-BFCE95C7740C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:csr8811:-:*:*:*:*:*:*:*","matchCriteriaId":"1AA32CC0-DE30-4B15-8EC6-1FAF14C5C4E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82B82E87-F3F4-466F-A76B-C8809121FF6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*","matchCriteriaId":"419A132E-E42C-4395-B74B-788A39DF1D13"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fwa_gen_3_ultra_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AEB6D1A6-2CB2-4425-A5A0-EE9A9434C08C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fwa_gen_3_ultra:-:*:*:*:*:*:*:*","matchCriteriaId":"02675702-6F51-4AF0-A62B-3A1658E45094"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fwa_gen_5_elite_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"04CD5DD2-E4CA-437A-8F33-2F7DA09B685C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fwa_gen_5_elite:-:*:*:*:*:*:*:*","matchCriteriaId":"1821A2C8-671A-4D41-9470-1F2DBB967FE3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:immersive_home_214_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4C241123-63B1-4CA2-A3CB-BADA86EAAA2E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:immersive_home_214_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"66E4B95D-966A-4940-A403-9E8241F121C2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:immersive_home_216_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"68309F58-91D9-407E-9578-17EAF6836E07"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:immersive_home_216_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"A0D491A9-6A1F-4B62-9A30-5A9F592BD5B5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:immersive_home_316_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA6CA3E5-7A0F-4705-985E-0C25DE609494"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:immersive_home_316_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"8DC770BF-4B23-4F43-A0B9-E5FE41536F5E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:immersive_home_318_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"84B4531C-9D90-4A9B-8724-1428372319C8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:immersive_home_318_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"497EC79B-0879-4FA2-A5B7-63EA54FC20A5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:immersive_home_3210_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B1AA3313-749F-486B-8212-33E569377C2B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:immersive_home_3210_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"B6F6D44F-BD86-44B9-BE5D-471D33F0438D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:immersive_home_326_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7BB0662A-2D27-4AE7-8370-0B567B9A8214"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:immersive_home_326_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"67970B89-2F06-4E4A-88CA-9D37C060C1BA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq5010_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8543C671-054B-489F-ACFE-B7D7BEC1DEE6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq5010:-:*:*:*:*:*:*:*","matchCriteriaId":"15C5F8CB-3291-4E13-94F0-680FC85A9669"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq5028_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5AE3085F-59BE-46A0-9A96-65CFAB7DFEAE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq5028:-:*:*:*:*:*:*:*","matchCriteriaId":"825524E0-BB01-4CAD-9F65-95E096467D28"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq5300_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"19FE4D11-3A23-4652-B86E-ED996426DD61"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq5300:-:*:*:*:*:*:*:*","matchCriteriaId":"C2637D57-1226-4091-BF08-39680615176F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq5302_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3EB5FF59-057F-42D9-8829-EF0AD2CBB6DD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq5302:-:*:*:*:*:*:*:*","matchCriteriaId":"AE256F7A-9696-44D0-B8C9-C60A7B61FC91"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq5312_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"01F79573-A728-4052-92A6-5ADE4E7A4B23"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq5312:-:*:*:*:*:*:*:*","matchCriteriaId":"1AA3AFC1-C1A8-46F4-9AE9-053AB9E56B0D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq5332_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A795F64D-6DE9-4D56-AA22-D77470B9E5AD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq5332:-:*:*:*:*:*:*:*","matchCriteriaId":"32521715-D9BF-4A86-BE4B-D9BB29C133F0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AA7A5C46-48BF-42A9-A477-A660C6D7B437"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq6000:-:*:*:*:*:*:*:*","matchCriteriaId":"EDB79382-19D6-4A67-9013-7099A9C58829"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A5CF970F-17AE-4C59-89A5-5B41A41E1DE0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq6010:-:*:*:*:*:*:*:*","matchCriteriaId":"71C54A70-AAA8-4B5E-AC1B-471A5C7E79B0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B04589FF-F299-4EF6-A57B-1AD145372DBB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq6018:-:*:*:*:*:*:*:*","matchCriteriaId":"FDC1ADAD-DA77-47EF-8DB9-C36961C560C2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq8076_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"966392A8-DD8E-4AA1-B407-5BF2D937139E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq8076:-:*:*:*:*:*:*:*","matchCriteriaId":"A211C022-8EDF-4B76-89D6-599812900446"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq8078_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A24951FD-C4AB-4988-A1DD-019412430AC6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq8078:-:*:*:*:*:*:*:*","matchCriteriaId":"EFEC5D65-C1E3-40ED-9FE3-8DF888CA2654"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"78A6F4F3-0CE3-4A02-B615-63E76C93ADC4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq9008:-:*:*:*:*:*:*:*","matchCriteriaId":"31D07608-80F7-44AA-BE91-1F97FC1CE313"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq9048_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C736654C-1E52-4CE7-8B11-0F0028BF8568"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq9048:-:*:*:*:*:*:*:*","matchCriteriaId":"0EED451A-FD6F-4190-9BAE-39BD4030A11A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq9554_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1C656780-05E9-40D5-936B-B73ECE9E0330"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq9554:-:*:*:*:*:*:*:*","matchCriteriaId":"CD2DF80E-E546-473B-AE26-594CFB8A87A8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq9570_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1A6182C0-AAE7-45A9-8ECB-F198B55181AB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq9570:-:*:*:*:*:*:*:*","matchCriteriaId":"61FC3830-8AAF-4836-89C3-2C6355CC0272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0327D8C9-DD6B-4831-BBD4-2EE57A351493"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:ipq9574:-:*:*:*:*:*:*:*","matchCriteriaId":"0C866E83-23ED-495C-AA5A-0B01973674BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:kobuk_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"91D75BEA-6B49-4F12-98DF-50DB4244D26F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:kobuk:-:*:*:*:*:*:*:*","matchCriteriaId":"BA886E96-9ED5-412F-BCD6-60EC3DB04E60"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:marina_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3713FF4B-1938-4370-A5DB-F6385B1FEC69"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:marina:-:*:*:*:*:*:*:*","matchCriteriaId":"7F6E1693-366B-4BAE-AA84-AC08CE2442FA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:networking_pro_1200_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"485C6AE2-3D61-4559-B45C-F0DE22D6DBEC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:networking_pro_1200_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"6A7FAF9B-0251-497E-AC7A-5748E3F179EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:networking_pro_1210_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E79D7D01-77D2-4E83-8BF7-864743F12929"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:networking_pro_1210_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"7A005215-1BD5-4BD8-B1FA-EBED4EEFE7A8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:networking_pro_1610_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3CB3B148-7285-4476-BCB2-A0306E0AC538"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:networking_pro_1610_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"1C42518F-CD3C-4C40-A4B1-E39BA620E251"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:networking_pro_400_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4CCBA9FD-BBC2-4A43-AA54-A82D1CA34141"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:networking_pro_400_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"ED746FDC-A620-4BE4-A560-624A63D1FE26"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:networking_pro_600_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2A3DAC65-65BB-4DD6-B81F-C066CB021322"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:networking_pro_600_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"46D9A2F4-AEC5-4A5B-A078-957264E4F493"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:networking_pro_610_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B5B43A8D-9710-41A3-A71B-4BCFA647F4B3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:networking_pro_610_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"CB6E5A4F-F33A-4C6A-845C-F8716FFEEE9E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:networking_pro_800_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2E2159BD-4C54-4B92-A6B0-03ECE54ED98B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:networking_pro_800_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"7B3D3D4C-6785-4E1E-B13F-92E7AC186B27"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:networking_pro_810_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"663F6FAD-9515-493E-BFC6-5694C397941A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:networking_pro_810_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"54C1A881-341D-41A4-8E0C-388CB3763C2A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:orne_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"19FB8345-BBFC-4E18-A4E6-64A159D7F65B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:orne:-:*:*:*:*:*:*:*","matchCriteriaId":"FFDA4056-3F1B-4F3A-BE59-1908BD3DE5E9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca0000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC941093-1A7C-47B2-AB3B-05AE4AE2FBE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca0000:-:*:*:*:*:*:*:*","matchCriteriaId":"7A2AA834-C17C-4E0E-A510-795818041E47"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6412_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A1F6CC23-583C-4A6C-BB56-EE68CA4803DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6412:-:*:*:*:*:*:*:*","matchCriteriaId":"36CFB570-A437-4158-A306-1237BE6AD7FC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6422_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"48BBE3D5-9B42-444C-9119-DB282FAE98FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6422:-:*:*:*:*:*:*:*","matchCriteriaId":"E09A34F0-5BC6-436C-AEB8-99873439742D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn6432_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3B079570-EBBE-40B6-8C08-343CDA74DB04"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn6432:-:*:*:*:*:*:*:*","matchCriteriaId":"613879FB-77E8-4339-ABC1-8EABAC78EBB0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5BCCFF8B-4857-439D-BD4A-EB35672F474B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9000:-:*:*:*:*:*:*:*","matchCriteriaId":"86896D55-89F5-440B-9082-916E486B65D9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"61F34DD2-9DC0-49E5-BC85-1543EA199477"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9012:-:*:*:*:*:*:*:*","matchCriteriaId":"1A06879F-6FE9-448A-8186-8347D76F872B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9013_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D1EC8266-96C3-44F2-B9FA-5A5E0815565B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9013:-:*:*:*:*:*:*:*","matchCriteriaId":"2F4612E3-E1C9-4225-A5E9-C854BF3FA28D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"36A10EB2-E7A2-461F-836E-FC38B9428C98"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9022:-:*:*:*:*:*:*:*","matchCriteriaId":"A457C1D6-A026-4B5F-9CB1-FA795785A515"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A64CDA49-19BF-413F-A0E0-2B9729E45E25"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9024:-:*:*:*:*:*:*:*","matchCriteriaId":"345CCD64-C09E-407D-AAA2-311C4CCFE24F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2C10CAAC-FD93-4116-9F0C-E983B3693FAF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9070:-:*:*:*:*:*:*:*","matchCriteriaId":"9FEC2402-BA39-49BB-A34C-FF32ED44A158"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9100_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B31EEE9E-CDEC-4E88-B950-3413205E483E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9100:-:*:*:*:*:*:*:*","matchCriteriaId":"3E1E341A-7DDD-47E5-BB5F-0666482B41C0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9160_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2B0687D7-DD06-430F-8CD2-968D766E3491"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9160:-:*:*:*:*:*:*:*","matchCriteriaId":"3013D4AE-57DB-4601-BA66-86FF067BAEB1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9129A244-AB8C-4AA4-BFBB-37F84D66BD3E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qcn9274:-:*:*:*:*:*:*:*","matchCriteriaId":"41F243A1-3C0B-4780-95BF-69A4E1A91F18"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qfw7114_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7456782E-B6CE-42ED-A51E-39907120E28B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qfw7114:-:*:*:*:*:*:*:*","matchCriteriaId":"637BF4DF-BB40-479F-B696-6AD9D4B35D64"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qfw7124_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D72C4CE0-AB59-4652-854F-94C9998F2712"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qfw7124:-:*:*:*:*:*:*:*","matchCriteriaId":"98720774-11B8-4B4B-BC73-D4DA84E07F78"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qfw7224_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EF48F2E5-5500-411B-9000-3AE3734B5B9A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qfw7224:-:*:*:*:*:*:*:*","matchCriteriaId":"13D8247B-BFB3-4ED9-8982-5E653CAD7A65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qmx82l_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4AB9E3D9-5E23-43A6-818E-A919AEB05ADC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qmx82l:-:*:*:*:*:*:*:*","matchCriteriaId":"D07B2A4C-3CFC-4F8B-A38A-C75C13F3F46F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qmx85l_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E75672CA-A1DC-437B-8DAE-279A1BFEEF20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qmx85l:-:*:*:*:*:*:*:*","matchCriteriaId":"685536A8-AF25-409E-B501-B2AC05D22A75"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DD4946C6-778F-4542-AB77-C9B86AF25C05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:video_collaboration_vc3_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"6F1D604A-4530-42B3-80A0-58A82D658DDD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qxm8083_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5308653F-A89A-4FA8-BAB0-72300E4A6346"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qxm8083:-:*:*:*:*:*:*:*","matchCriteriaId":"CEF36CC6-3623-4E87-B40B-D9785CA35EB7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sar2130p_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95696696-D2AE-4358-AF5D-3ED14F969964"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sar2130p:-:*:*:*:*:*:*:*","matchCriteriaId":"1A6FC469-463F-4EC1-B4EF-010BDB9BAA05"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sdx61_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3125FCBA-94BA-415A-A005-CDC5B2CDBE39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sdx61:-:*:*:*:*:*:*:*","matchCriteriaId":"BCB09831-632C-4043-B7BE-C02ADA70AACA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sdx65m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"08C59BD9-8629-467F-9C1C-F2232C821DDB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sdx65m:-:*:*:*:*:*:*:*","matchCriteriaId":"7E7510FC-E89C-4EE4-84AE-8002E48937D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sdx81_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"71088DA4-A018-4D69-8D26-CD52639DB015"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sdx81:-:*:*:*:*:*:*:*","matchCriteriaId":"79806BCE-5AE0-4840-AE0F-DED768FCB6AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"390D7CAF-6C0B-4438-AA7D-AEEE127F4D3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_460_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"5BB1FC5E-CF6F-4E54-B78D-C01AFD034903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"37DF4D73-3ACC-41B3-8CA4-20DAECE6BFB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_662_mobile_platform:-:*:*:*:*:*:*:*","matchCriteriaId":"FE08D23A-2D0D-4472-8847-27B955F55165"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_auto_5g_modem-rf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"88AF39A5-F44E-4B14-AA6E-4F80D9EEB017"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_auto_5g_modem-rf:-:*:*:*:*:*:*:*","matchCriteriaId":"2A25FE8F-555A-4D85-8A94-A808B62EAE86"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_x62_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FEA4DE65-C5F1-45F6-9D79-CF80196471B6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_x62_5g_modem-rf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"1F27FE86-F0E3-4EBD-933F-9B0210CBD72F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_x65_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F74BF53E-DFA1-4750-A638-FE7572B79D16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_x65_5g_modem-rf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"226D1ABD-E4AD-487E-88EB-4C66D51DB33D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_x72_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"205BF723-DBED-4EAE-8B5C-0E01B01E1544"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_x72_5g_modem-rf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"9A36A7B8-CF35-4003-AC3E-C5D25288B1A1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:snapdragon_x75_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95A98B39-067F-4047-9ADB-7C53F18CBB7B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:snapdragon_x75_5g_modem-rf_system:-:*:*:*:*:*:*:*","matchCriteriaId":"1C462F32-0E70-472A-A42D-CD0229A97E94"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sw-only_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"52433CDD-4776-41C7-96BA-D9EB12934C06"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sw-only:-:*:*:*:*:*:*:*","matchCriteriaId":"A996EBB2-BE81-41AD-8164-21A741FD2793"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9340_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8BA28CC6-C8BB-4F50-BFE3-A59F664A4F54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9340:-:*:*:*:*:*:*:*","matchCriteriaId":"94D2BDF1-764C-48BA-8944-3275E8768078"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1295D869-F4DD-4766-B4AA-3513752F43B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*","matchCriteriaId":"B98784DC-3143-4D38-AD28-DBBDCCAB4272"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"34143ABA-7D09-429F-A65C-3A33438BF62C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*","matchCriteriaId":"9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3FEF2DB6-00F5-4B07-953B-EF58B31267F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*","matchCriteriaId":"120E8F0F-EBEB-4565-9927-2D473F783EF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E4BFB25F-013B-48E3-99FF-3E8687F94423"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*","matchCriteriaId":"BF676C5B-838B-446C-A689-6A25AB8A87E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2BC386D9-3D2B-40FA-A2D9-199BB138F46A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn6755:-:*:*:*:*:*:*:*","matchCriteriaId":"133FFD9F-FA09-4801-939B-AD1D507BE5FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"57608D47-894C-4895-B4B3-4733D55D57DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*","matchCriteriaId":"2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D765C392-5F38-4E6A-9E88-59629E7A6911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcn7881:-:*:*:*:*:*:*:*","matchCriteriaId":"FAE8F4F9-F692-4EC0-A3FE-2CDD681DCBFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"11B69595-E488-4590-A150-CE5BE08B5E13"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*","matchCriteriaId":"BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7ACAD26E-B79E-4659-91A5-D301281F7D36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*","matchCriteriaId":"F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-25271","sourceIdentifier":"product-security@qualcomm.com","published":"2026-07-06T21:16:54.903","lastModified":"2026-07-07T16:35:38.123","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use."}],"affected":[{"source":"product-security@qualcomm.com","affectedData":[{"vendor":"Qualcomm, Inc.","product":"Snapdragon","defaultStatus":"unaffected","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"],"versions":[{"version":"Cologne","status":"affected"},{"version":"FastConnect 6900","status":"affected"},{"version":"FastConnect 7800","status":"affected"},{"version":"IQX5121","status":"affected"},{"version":"IQX7181","status":"affected"},{"version":"QCA0000","status":"affected"},{"version":"SC8380XP","status":"affected"},{"version":"WCD9378C","status":"affected"},{"version":"WCD9380","status":"affected"},{"version":"WCD9385","status":"affected"},{"version":"WSA8840","status":"affected"},{"version":"WSA8845","status":"affected"},{"version":"WSA8845H","status":"affected"},{"version":"X2000077","status":"affected"},{"version":"X2000086","status":"affected"},{"version":"X2000090","status":"affected"},{"version":"X2000092","status":"affected"},{"version":"X2000094","status":"affected"},{"version":"XG101002","status":"affected"},{"version":"XG101032","status":"affected"},{"version":"XG101039","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-25271","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"product-security@qualcomm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:cologne_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8FF959C0-5AAB-4DC5-AE8F-4EFA21A00B5E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:cologne:-:*:*:*:*:*:*:*","matchCriteriaId":"E31E0C48-FB61-47C8-B28B-3A701E85E126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:iqx5121_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"499A2520-436C-4B12-849D-98B94088CCDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:iqx5121:-:*:*:*:*:*:*:*","matchCriteriaId":"4C34A825-C928-4F8F-B076-19F8787A3440"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:iqx7181_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F58C10B5-2BB1-4A8F-AF4B-2EC791C9FBBE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:iqx7181:-:*:*:*:*:*:*:*","matchCriteriaId":"9EE22328-BBF8-473C-8F89-58AEF8CC9D75"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca0000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC941093-1A7C-47B2-AB3B-05AE4AE2FBE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca0000:-:*:*:*:*:*:*:*","matchCriteriaId":"7A2AA834-C17C-4E0E-A510-795818041E47"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95D79E3A-1978-4B23-B60B-2BD47FEDF5C2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378c:-:*:*:*:*:*:*:*","matchCriteriaId":"91B32C89-3238-4FDF-BB3F-F6BAE829769B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000077_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A91D253E-0E24-474F-B016-0AC783812EBF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000077:-:*:*:*:*:*:*:*","matchCriteriaId":"DF588C55-E61D-46C6-98C3-647748AB0192"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000086_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E763DC2C-2D41-483D-8763-8518AAFC8B09"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000086:-:*:*:*:*:*:*:*","matchCriteriaId":"2DD6A8C6-F716-42F3-A16A-70CDD2F72BCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000090_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"21436FFF-DC3A-4279-85BB-1D2F9D270FFC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000090:-:*:*:*:*:*:*:*","matchCriteriaId":"991A3700-C97D-4495-8281-A11E0472930C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000092_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E23F8167-8C43-4CCC-B95B-1BF8462E1E90"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000092:-:*:*:*:*:*:*:*","matchCriteriaId":"65E7DF1E-5CDE-4DF0-A952-A01BF059EB96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000094_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"789E6127-504B-4B50-B5C7-C7F7933378A1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000094:-:*:*:*:*:*:*:*","matchCriteriaId":"5A029C9E-9F11-4D07-BD80-B9D00A379AAD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xg101002_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B7EAE86E-AC65-4C37-A23E-E4C9DBFDEE48"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xg101002:-:*:*:*:*:*:*:*","matchCriteriaId":"71E5EA1A-F5AE-42B6-804B-59FE6016A691"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xg101032_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"45E15ACE-6573-43FC-8B38-A3B760C8B60D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xg101032:-:*:*:*:*:*:*:*","matchCriteriaId":"96CF3B92-6AA8-4494-A047-C0DAB82C01D9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xg101039_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4C8F081D-479F-492A-9580-8EBE8011DA4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xg101039:-:*:*:*:*:*:*:*","matchCriteriaId":"9A96C6B0-5B33-45DA-B3B1-AD304B7AE313"}]}]}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html","source":"product-security@qualcomm.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-33734","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T21:16:55.227","lastModified":"2026-07-07T15:16:43.627","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a SQL injection vulnerability in the `Massmailer` module filter functionality. An authenticated administrator can supply crafted filter values when updating a mass email message, causing untrusted input to be interpolated directly into SQL in the recipient selection query. Version 0.8.0 patches the issue. Some workarounds are available. Restrict administrator access to trusted users only, disable the `Massmailer` module if it is not required, audit existing records in the `mod_massmailer` table for suspicious filter values, and/or review administrator activity related to `Massmailer` message updates."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":">= 0.6.0, < 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:04:15.262288Z","id":"CVE-2026-33734","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-jf7m-j359-2899","source":"security-advisories@github.com"},{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-jf7m-j359-2899","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34038","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T21:16:55.370","lastModified":"2026-07-07T13:22:13.557","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability in application deployment handling allows users with application write permissions to achieve remote code execution and exfiltrate sensitive environment variables through deployment logs via fields such as dockerfile_location and deployment commands. This issue is fixed in version 4.0.0-beta.469."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.469","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:42:50.359276Z","id":"CVE-2026-34038","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/23f9156c7306b221101f1ebbe4d3c6b5e2522acd","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9007","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.469","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-qqrq-r9h4-x6wp","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-qqrq-r9h4-x6wp","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42331","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T21:16:55.617","lastModified":"2026-07-07T15:16:46.967","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Guest API invoice/update endpoint is missing an authorization check present in other invoice-related endpoints, allowing an unauthenticated user with knowledge of an invoice hash to modify the payment gateway associated with an unpaid invoice. An attacker who obtains an invoice hash, which may leak through shared URLs, referrer headers, or email links,  can change the `gateway_id` on an unpaid invoice to any payment gateway configured in the system. This does not allow redirecting payments to an arbitrary external endpoint, as the gateway must already be installed and configured by an administrator. The practical impact is further limited by the `invoice_accessible_from_hash` system setting. Version 0.8.0 contains a patch. No known workarounds are available."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":"< 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:51:34.115224Z","id":"CVE-2026-42331","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-8755-w77f-3g7j","source":"security-advisories@github.com"},{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-8755-w77f-3g7j","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42341","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T21:16:55.740","lastModified":"2026-07-07T16:16:39.413","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have an unauthenticated payment bypass vulnerability in FOSSBilling's IPN callback endpoint. When the Custom payment adapter is enabled, an attacker can mark any unpaid invoice as paid and credit the associated client account without making an actual payment, by sending a single crafted HTTP request. Version 0.8.0 patches the issue. Some workarounds are available. Disable the Custom payment gateway if not actively needed and/or restrict access to `/ipn.php` at the web server level (e.g., via IP allowlisting), noting that this may interfere with legitimate payment callback processing."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":">= 0.6.0, < 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.2,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T15:15:29.812048Z","id":"CVE-2026-42341","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-346"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-5493-9m76-2qrr","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-55727","sourceIdentifier":"security@genetec.com","published":"2026-07-06T21:16:57.580","lastModified":"2026-07-07T14:00:51.320","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams."}],"affected":[{"source":"security@genetec.com","affectedData":[{"vendor":"Genetec Inc.","product":"Genetec Security Center","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"5.14.0.0 build 5.14.178.8","lessThan":"5.14.0.0 build 5.14.178.18","versionType":"custom","status":"affected"},{"version":"5.14.0.0 build 5.14.178.18","versionType":"custom","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@genetec.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T20:52:10.299500Z","id":"CVE-2026-55727","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@genetec.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://resources.genetec.com/security-advisories/vulnerability-affecting-live-video-retrieval-in-security-center-5-14-0-0","source":"security@genetec.com"}]}},{"cve":{"id":"CVE-2026-59711","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-06T21:16:58.660","lastModified":"2026-07-07T15:16:49.570","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"showdown contains a cross-site scripting vulnerability in metadata title handling that allows attackers to inject arbitrary HTML and JavaScript. When completeHTMLDocument option is enabled, unescaped less-than and greater-than characters in markdown frontmatter metadata are inserted directly into HTML title tags, enabling attackers to break out of the title context and execute malicious scripts in the rendered page."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"showdown","product":"showdown","defaultStatus":"unaffected","packageURL":"pkg:npm/showdown","versions":[{"version":"0","lessThanOrEqual":"2.1.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:06:48.974766Z","id":"CVE-2026-59711","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/showdownjs/showdown","source":"disclosure@vulncheck.com"},{"url":"https://github.com/showdownjs/showdown/issues/1047","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/showdown-cross-site-scripting-via-unescaped-metadata-title-in-completehtmldocument","source":"disclosure@vulncheck.com"},{"url":"https://github.com/showdownjs/showdown/issues/1047","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-59712","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-06T21:16:58.793","lastModified":"2026-07-07T14:16:34.150","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retrieve full user credential rows including password hashes, TOTP secrets, and session tokens. Attackers can exploit this by calling users.getUser with arbitrary user IDs to enumerate all accounts and obtain credentials for offline password cracking, 2FA bypass, and session hijacking."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Leantime","product":"Leantime","defaultStatus":"unaffected","packageURL":"pkg:npm/leantime","versions":[{"version":"0","lessThanOrEqual":"3.4.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:43:37.598340Z","id":"CVE-2026-59712","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/Leantime/leantime","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Leantime/leantime/commit/4f2612d13e0e8a2093092a846b44506cf133b671","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Leantime/leantime/issues/3556","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/leantime-credential-disclosure-via-unauthenticated-json-rpc-users-getuser-method","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-59713","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-06T21:16:58.930","lastModified":"2026-07-07T15:16:49.700","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Leantime contains an OIDC login CSRF vulnerability in the verifyState() method that unconditionally returns true without validating state parameters. Attackers can craft malicious callback URLs with attacker-controlled authorization codes to perform session fixation, logging victims in as the attacker."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Leantime","product":"Leantime","defaultStatus":"unaffected","packageURL":"pkg:npm/leantime","versions":[{"version":"0","lessThanOrEqual":"3.4.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:22:32.113353Z","id":"CVE-2026-59713","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://github.com/Leantime/leantime","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Leantime/leantime/commit/9630eb7db682fb1b4e23cdabf3428d03ec6f5094","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Leantime/leantime/issues/3535","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/leantime-oidc-login-csrf-via-unconditional-state-verification-stub","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-32718","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:47.927","lastModified":"2026-07-07T15:16:43.513","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, mutating API validation endpoints are guarded by read ability, allowing read-scoped API tokens to perform state-changing operations such as validating cloud tokens and servers. This issue is fixed in version 4.0.0-beta.466."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.466","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:01:21.284915Z","id":"CVE-2026-32718","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/c15bcd56347fc8c535755791e92e4f6c2af17e3a","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/8893","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-f47p-xrgc-977v","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-f47p-xrgc-977v","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34049","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:48.117","lastModified":"2026-07-07T13:22:13.557","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.451 through 4.0.0-beta.470, database backup handling for MongoDB collection names did not fully validate shell metacharacters, allowing a highly privileged attacker who can configure backup inputs to inject commands. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":">= 4.0.0-beta.451, < 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:46:06.149619Z","id":"CVE-2026-34049","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/b1de75a7c67ce6aee977bd788b41e61837dbe0b9","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9168","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-4mpw-wcj4-v9pp","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-4mpw-wcj4-v9pp","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34050","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:48.250","lastModified":"2026-07-07T15:16:44.300","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the Settings/Updates Livewire component does not check isInstanceAdmin in its mount method, allowing non-admin users to access the Updates settings page and potentially modify auto-update settings or trigger update checks. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:50:49.586851Z","id":"CVE-2026-34050","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/0fed553207383f384b93cba24d28122065fa67d5","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9206","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-c339-w3cq-2rjr","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-34153","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:48.370","lastModified":"2026-07-07T16:16:38.680","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, LocalFileVolume::saveStorageOnServer builds shell commands using unescaped fs_path and parent_dir values before validation, and submitFileStorage does not validate the user-controlled file-mount path before creating a volume, allowing an authenticated user who can add file storage to execute commands when the storage is saved. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:51:28.219962Z","id":"CVE-2026-34153","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/3fdce06b654fa3b7b4be59c0faaab6b4546c78de","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9176","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-46hp-7m8g-7622","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-34599","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:48.623","lastModified":"2026-07-07T15:16:44.700","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, there is an authenticated command injection vulnerability in the GetLogs Livewire component which allows users with team membership (lowest privilege member role) to execute arbitrary commands as root on managed servers. The $container Livewire public property is interpolated directly into shell commands (docker logs, docker service logs) without sanitization, and can be modified by any client via the Livewire wire protocol because it lacks the #[Locked] attribute. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:23:22.310118Z","id":"CVE-2026-34599","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/f267a28cb2badc7e712c4592af4d79d090fe5063","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9229","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-q9j6-xcvx-px63","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-38976","sourceIdentifier":"cve@mitre.org","published":"2026-07-06T22:16:48.900","lastModified":"2026-07-07T17:16:36.247","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"mrubyc through 3.4.1 was found to contain a NULL pointer dereference in src/vm.c in op_super() / OP_SUPER due to a missing runtime guard for top-level super."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T16:13:20.807651Z","id":"CVE-2026-38976","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://github.com/hayat01sh1da/mrubyc/commit/c4aa2a06bfdd13a0f1ae5165c5760a2530314a42","source":"cve@mitre.org"},{"url":"https://github.com/mrubyc/mrubyc","source":"cve@mitre.org"},{"url":"https://github.com/mrubyc/mrubyc/issues/276","source":"cve@mitre.org"},{"url":"https://github.com/mrubyc/mrubyc/issues/276","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-41899","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:49.130","lastModified":"2026-07-07T15:16:45.423","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, POST /api/feedback has no authentication, no rate limiting, and no input validation, allowing arbitrary content to be forwarded directly to a Discord webhook and enabling spam, content injection, and webhook abuse. This issue is fixed in version 4.0.0-beta.474."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.474","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:00:27.321492Z","id":"CVE-2026-41899","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/371e883c75a87d82c398bf89ee8ad6387348520d","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9653","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-v64c-v633-58xp","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-v64c-v633-58xp","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42148","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:49.257","lastModified":"2026-07-07T13:22:13.557","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the buildHelperImage method in app/Livewire/Settings/Index.php constructs a Docker build command using the dev_helper_version field without shell escaping, allowing an attacker who can set the helper version and trigger the helper image build in a development environment to execute arbitrary commands on the server. This issue is fixed in version 4.0.0-beta.474."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.474","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L","baseScore":3.8,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":0.3,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:43:40.730615Z","id":"CVE-2026-42148","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/dc9322b11f5f4ab96e56af0df7d4f877e96e5e4c","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9670","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-x9qh-w4c4-54f9","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-x9qh-w4c4-54f9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42153","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:49.383","lastModified":"2026-07-07T14:16:30.477","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, PostgreSQL healthcheck command generation used attacker-controlled database settings (postgres_user and postgres_db) in shell-form commands, allowing an authenticated user to inject commands executed in the database container. This issue is fixed in version 4.0.0-beta.474."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.474","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:46:25.230207Z","id":"CVE-2026-42153","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/b74f54302b1a857c22c55fe1210d700859b0b3df","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9674","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.474","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-gvc4-f276-r88p","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-gvc4-f276-r88p","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42204","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:49.510","lastModified":"2026-07-07T15:16:46.867","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. From 4.0.0-beta.471 through 4.0.0-beta.473, a regression in SHELL_SAFE_COMMAND_PATTERN allowed ampersands in custom Docker Compose build, start, and pre/post-deployment command fields, allowing an authenticated team member to inject shell commands that execute on the host. This issue is fixed in version 4.0.0-beta.474."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":">= 4.0.0-beta.471, < 4.0.0-beta.474","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:47:26.768127Z","id":"CVE-2026-42204","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/e1aac50b745cf499e710b7e35cd2a9d6a1538dd9","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9684","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.474","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-chg4-63hm-xv9x","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-chg4-63hm-xv9x","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-43921","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:49.837","lastModified":"2026-07-07T15:16:47.073","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Versions 0.6.10 through 0.7.2 have a PHP code injection vulnerability in FOSSBilling's `Config::prettyPrintArrayToPHP()` method. When configuration values are updated, string values are written into `config.php` without escaping single quotes. Because `config.php` is loaded via a bare `include` on every HTTP request, an attacker with admin privileges can inject arbitrary PHP code that executes on every subsequent request. Version 0.8.0 contains a patch. Some workarounds are available. Restrict admin access to trusted personnel only; audit `config.php` for unexpected PHP code; and/ or at the reverse proxy/WAF level, restrict access to admin API endpoints that modify configuration."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":">= 0.6.10, < 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.9,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:25:26.887871Z","id":"CVE-2026-43921","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-v4j9-w6pj-38w5","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-43925","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:49.963","lastModified":"2026-07-07T15:16:47.183","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, an unauthenticated mass assignment vulnerability in the client self-registration endpoint allows any visitor to assign themselves to an arbitrary client group during sign-up. Because client groups can gate promo code eligibility, an attacker may apply group-restricted discount codes and receive unauthorized discounts. Version 0.8.0 contains a patch. As a workaround, administrators can either remove group restrictions from promo codes or disable client self-registration (Settings → Clients → Disable signup)."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":"< 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:59:39.698567Z","id":"CVE-2026-43925","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-915"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-q4rq-9844-r9w2","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-43927","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:50.083","lastModified":"2026-07-07T13:22:13.557","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, a race condition in the cart checkout flow allows an authenticated client to apply a promo code beyond its configured maximum uses. By sending concurrent checkout requests before any single request completes the usage increment, a client can obtain unlimited discounted or free orders from a single-use or limited-use promo code. Version 0.8.0 patches the issue. Some workarounds are available. Disable promo codes entirely until a patch is available or monitor the `promo` table for `used` values exceeding `maxuses` and manually review affected orders."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":"< 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:46:52.345735Z","id":"CVE-2026-43927","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-w898-cx35-25gh","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-43928","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:50.210","lastModified":"2026-07-07T14:16:30.583","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the PayPalEmail payment adapter accepts PayPal IPN callbacks and credits the IPN-supplied amount (`mc_gross`) to the client's balance without validating it against the invoice total. Combined with a $0.05 floating-point epsilon tolerance in the invoice credit-payment logic, this allows a client to underpay an invoice by up to $0.04 and still have it marked as fully paid. Version 0.8.0 patches the issue. There is no effective workaround without modifying the source code. Merchants using the PayPalEmail adapter should monitor IPN transactions for amounts that do not match their corresponding invoice totals, and manually review and refund suspicious payments."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":"< 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:39:25.364995Z","id":"CVE-2026-43928","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-754"},{"lang":"en","value":"CWE-1284"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-xjc6-g382-h942","source":"security-advisories@github.com"},{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-xjc6-g382-h942","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-59710","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-06T22:16:50.977","lastModified":"2026-07-07T13:57:49.473","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"showdown contains a stored cross-site scripting vulnerability in the parseHeaders function of src/subParsers/makehtml/tables.js that fails to properly escape table header ID attributes. Attackers can inject arbitrary HTML and script-executing SVG elements through double-quote characters in markdown table headers, achieving stored XSS when untrusted markdown is rendered with the default github flavor configuration."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"showdown","product":"showdown","defaultStatus":"unaffected","packageURL":"pkg:npm/showdown","versions":[{"version":"0","lessThanOrEqual":"2.1.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:45:18.218566Z","id":"CVE-2026-59710","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/showdownjs/showdown","source":"disclosure@vulncheck.com"},{"url":"https://github.com/showdownjs/showdown/commit/e5cab1e9a5dcea2bb3cbf888863fa7e65ab37edf","source":"disclosure@vulncheck.com"},{"url":"https://github.com/showdownjs/showdown/issues/1046","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/showdown-stored-xss-via-unescaped-table-header-id-attribute-injection","source":"disclosure@vulncheck.com"},{"url":"https://github.com/showdownjs/showdown/issues/1046","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-53640","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T23:16:55.430","lastModified":"2026-07-07T15:16:47.720","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, low-privileged staff accounts may read sensitive data via admin API endpoints that lack permission checks. While sibling write endpoints correctly enforce fine-grained permissions, the corresponding read endpoints have no authorization guards. Version 0.8.0 contains a fix. Some workarounds are available. Restrict staff accounts to only those who need access to sensitive data and/or use a reverse proxy or WAF to restrict access to the affected endpoints."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":"< 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:10:52.457718Z","id":"CVE-2026-53640","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-jqw4-3hj3-8m4f","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53642","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T23:16:56.097","lastModified":"2026-07-07T15:16:47.823","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when the \"Require Email Confirmation\" setting is enabled, a logged-in client with an unverified email address (`email_approved = 0`) can access all client-area pages (e.g. `/client/balance`, `/client/order/list`, `/client/invoice`) and read real account data, including wallet balances and transaction history. The API-side enforcement correctly restricts unverified clients to only profile-related endpoints, but the page-side enforcement is overly permissive, allowing any request whose path starts with `/client`. Version 0.8.0 contains a fix. No known workarounds that don't involve modifying the source code are available."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":">= 0.5.6, < 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:26:52.722102Z","id":"CVE-2026-53642","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-7v47-rh46-w923","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53643","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T23:16:56.227","lastModified":"2026-07-07T15:16:47.930","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow low-privileged staff accounts to perform unauthorized actions via admin API endpoints. The root cause is a combination of the `can_always_access` module flag (which grants all staff access to certain modules) and insufficient permission checks or unsafe parameter handling on individual endpoints. Version 0.8.0 contains a fix. Some workarounds are available. Restrict staff accounts to only those who need access to sensitive settings and/or use a reverse proxy or WAF to restrict access to the affected endpoints to trusted IP addresses or higher-privilege roles."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":"< 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:58:59.610320Z","id":"CVE-2026-53643","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-639"},{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-563q-g4r4-6f9m","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53644","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T23:16:56.360","lastModified":"2026-07-07T14:16:32.743","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Versions 0.5.3 through 0.7.2 allow authenticated clients to both read and reset API key service secrets for orders that are no longer in an `active` state (e.g., `suspended`, `canceled`). The root cause is missing order-state validation in two client API endpoints, despite an `isActive()` helper already existing in the `Serviceapikey` module and the frontend UI correctly gating access on `order.status == 'active'`. Version 0.8.0 contains a fix. Some workarounds are available. If the `Serviceapikey` module is not needed, uninstall it to remove the affected endpoints. One may also use a reverse proxy or WAF to restrict access to `/api/client/order/service` and `/api/client/serviceapikey/reset` based on application-level order-state logic."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":">= 0.5.3, < 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:45:35.578736Z","id":"CVE-2026-53644","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-qf6j-vq68-qmfh","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53645","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T23:16:56.493","lastModified":"2026-07-07T14:16:32.857","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged staff account to grant arbitrary module permissions to itself through the admin API, resulting in persistent privilege escalation. A staff user that only has `staff.create_and_edit_staff` can call `/api/admin/staff/permissions_update` targeting their own account and write any permission structure, bypassing the intended role-based access control boundary. Version 0.8.0 patches the issue. Some workarounds are available. Restrict the `staff.create_and_edit_staff` permission to only highly trusted staff members and/or use a reverse proxy or WAF to restrict access to `/api/admin/staff/permissions_update` to specific trusted roles."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":"< 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:42:35.299407Z","id":"CVE-2026-53645","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-4hf7-xxxw-64rm","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53646","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T23:16:56.683","lastModified":"2026-07-07T15:16:48.033","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a `ClientPasswordReset` record already exists for a client (from a previous unexpired reset request), subsequent calls to the `reset_password` guest API endpoint reuse the existing token instead of generating a new one. The 15-minute validity window is anchored to the first request's `created_at` timestamp, not the time of the most recent email. An attacker who obtained the original reset link remains able to use it even after the victim requests a new reset, because the original token is never invalidated or rotated. Version 0.8.0 patches the issue. Some workarounds are available. Configure a reverse proxy (e.g., Nginx, Apache, Cloudflare) to apply per-IP rate limiting to the `/client/reset-password` endpoint to minimize the window of opportunity, and/or manually clear expired `client_password_reset` records from the database after a client reports a suspected compromise."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":">= 0.5.6, < 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:55:46.808418Z","id":"CVE-2026-53646","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-640"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-vp66-w6rc-x32p","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53647","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T00:16:34.263","lastModified":"2026-07-07T15:16:48.137","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. In versions 0.5.3 through 0.7.2, the Guest `serviceapikey/get_info` API endpoint is accessible without authentication. Any caller with a valid API key can retrieve all custom configuration parameters (`custom_*` fields) stored in the key's database record. These custom fields are populated by billing administrators and can contain business-sensitive data such as pricing tiers, feature flags, rate limits, expiry overrides, or access scope data. Version 0.8.0 patches the issue. Some workarounds are available. Administrators can avoid storing sensitive data in `custom_*` API key configuration fields, monitor API logs for suspicious calls to `/api/guest/serviceapikey/get_info`, and/or disable the Serviceapikey module if not in active use."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":">= 0.5.3, < 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:27:51.817290Z","id":"CVE-2026-53647","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-737q-9gpr-6mpq","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53648","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T00:16:34.390","lastModified":"2026-07-07T15:16:48.243","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.1, downloadable product files are stored using a deterministic filename-derived path. When an administrator uploads a file for a downloadable product, FOSSBilling stores the file as `md5(<original filename>)` under the uploads directory. Because the stored path depends only on the client-supplied filename, two different downloadable products, or product/order files, uploaded with the same original filename will resolve to the same stored file path. A later upload can overwrite an earlier upload, causing customers or administrators downloading the earlier product to receive the later file instead. Version 0.8.1 patches the issue. Some workarounds are available. Restrict the `servicedownloadable.manage` permission to fully trusted administrators only. As an operational mitigation, ensure downloadable product files use unique filenames before upload. This reduces accidental collisions but does not fully address the underlying issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":"< 0.8.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:57:58.054306Z","id":"CVE-2026-53648","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-73"},{"lang":"en","value":"CWE-668"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-x7p2-xhvc-cfp9","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-11328","sourceIdentifier":"security@wordfence.com","published":"2026-07-07T02:16:28.583","lastModified":"2026-07-07T14:16:27.623","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post title parameter in all versions up to, and including, 2.7.9.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"timstrifler","product":"Exclusive Addons for Elementor","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.7.9.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:41:59.298629Z","id":"CVE-2026-11328","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/exclusive-addons-for-elementor/tags/2.7.9.8/extensions/post-duplicator.php#L19","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/exclusive-addons-for-elementor/tags/2.7.9.8/extensions/post-duplicator.php#L34","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/690fd38c-0e12-45f3-9055-51252e4809b1?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-34034","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:47.603","lastModified":"2026-07-07T13:22:13.557","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, the sentinel_token setting is used in shell commands without sufficient validation, allowing an authenticated user with access to server Sentinel settings to inject shell syntax and execute commands on the host when Sentinel is restarted. This issue is fixed in version 4.0.0-beta.466."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.466","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:50:54.541531Z","id":"CVE-2026-34034","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/096d4369e59b3db7ace2db3ca42588c41b9b6019","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.466","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-rpr8-p7jc-x844","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-rpr8-p7jc-x844","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34035","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:47.873","lastModified":"2026-07-07T14:16:29.983","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, log drain secret and environment values were interpolated into shell commands without sufficient encoding, allowing an authenticated user to inject commands executed on the host. This issue is fixed in version 4.0.0-beta.466."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.466","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:41:13.576185Z","id":"CVE-2026-34035","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/fcd574e1eb1c2f504c48e5be4a5cb6d69f8f1f55","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.466","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-3xm2-hqg8-4m2p","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-3xm2-hqg8-4m2p","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34037","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:48.020","lastModified":"2026-07-07T15:16:43.730","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.464, the cloneTo() Livewire action in ResourceOperations.php authorizes the source resource but resolves destination resources with unscoped Eloquent lookups, allowing an authenticated user to clone resources into destinations owned by other teams and access cross-tenant resources. This issue is fixed in version 4.0.0-beta.464."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.464","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:02:08.730195Z","id":"CVE-2026-34037","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/1759a1631cd63271ebf6caa250c6d93440eaa333","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.464","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-ggrr-wrvr-x83v","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-ggrr-wrvr-x83v","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34047","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:48.287","lastModified":"2026-07-07T15:16:43.837","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal WebSocket bootstrap routes did not enforce the expected authorization middleware, allowing an authenticated user to access terminal functionality for resources outside the authorized scope and potentially execute commands. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:29:17.689956Z","id":"CVE-2026-34047","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/bc91b41f92f1bbb53886a5d7a60335cbf1621cd5","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9169","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-652w-qv22-2r7c","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-652w-qv22-2r7c","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34048","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:48.417","lastModified":"2026-07-07T15:16:43.953","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check authentication and do not enforce terminal authorization, allowing a low-privileged team member to connect to terminal routes and execute commands on team servers. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:56:06.562353Z","id":"CVE-2026-34048","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"},{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/847166a3f89b7c80972fa0d2e5c754976f95b6ad","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-mw6q-2hmg-mhxv","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-mw6q-2hmg-mhxv","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34057","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:48.647","lastModified":"2026-07-07T14:16:30.080","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the database import Livewire component (app/Livewire/Project/Database/Import.php) allows client-controlled container and server properties to reach shell commands without locking or validation, allowing an authenticated user to inject commands through a database import container name. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:10:22.405033Z","id":"CVE-2026-34057","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/d486bf09ab2da8ad78fa721a079f066c76ce08d2","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-6r3g-w7x8-54fj","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-6r3g-w7x8-54fj","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34058","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:49.193","lastModified":"2026-07-07T14:16:30.180","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the Livewire component Server\\Resources exposes public methods (startUnmanaged, stopUnmanaged, restartUnmanaged) that accept a container ID parameter directly from the browser without any sanitization or escaping. This parameter is interpolated directly into shell commands executed via SSH on managed servers, enabling any authenticated team member to execute arbitrary OS commands on remote servers. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:40:25.442303Z","id":"CVE-2026-34058","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/944a038349216f00b390e905c121355adc8b23c1","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9172","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-rh5x-qx77-fq9v","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-rh5x-qx77-fq9v","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34149","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:49.800","lastModified":"2026-07-07T15:16:44.403","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, DatabaseBackupJob interpolates user-controlled database credentials and MongoDB collection exclusion names into backup shell commands without adequate escaping, allowing an authenticated user with database management permissions to execute commands on managed servers. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:06:56.986425Z","id":"CVE-2026-34149","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/952f3247970d261ff93f85c79066192f58f9557e","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/commit/99043600ee881fd8581185e7590604d9882382cd","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-4vff-6j8j-qhcg","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-4vff-6j8j-qhcg","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34168","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:50.180","lastModified":"2026-07-07T15:16:44.500","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the LocalPersistentVolume.name field is interpolated directly into docker volume shell commands without shell argument escaping, allowing an authenticated user to set a storage name containing shell metacharacters and execute commands on managed servers when the resource is deleted. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:30:27.309062Z","id":"CVE-2026-34168","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/d2064dd4998694cda2eabd00149f7c4d1e94c699","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-mh8x-fppq-cp77","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-mh8x-fppq-cp77","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34170","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:50.357","lastModified":"2026-07-07T15:16:44.607","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GithubApp api_url field is used as the base URL for server-side HTTP requests without allowlisting or private IP blocking, allowing an authenticated user to configure a GitHub App source that causes Coolify to request internal services or cloud metadata endpoints. This issue is reported as fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:55:06.705972Z","id":"CVE-2026-34170","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-3g6r-cxv5-3c7h","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-3g6r-cxv5-3c7h","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34171","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:50.513","lastModified":"2026-07-07T13:22:13.557","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the GET /invitations/{uuid} endpoint can perform a state-changing password reset using an attacker-known invitation UUID, allowing an attacker who can cause a victim to visit the crafted invitation URL to reset the victim account password to a predictable value. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:52:52.552186Z","id":"CVE-2026-34171","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/25d424c743d5134d4a005a6d8f754bb3235b632c","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-389w-cc6x-wr2m","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-389w-cc6x-wr2m","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-34198","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:50.847","lastModified":"2026-07-07T14:16:30.377","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the TrustProxies middleware trusts all proxies ($proxies = '*'), accepting X-Forwarded-Host from any source. The TrustHosts middleware, intended to prevent host header attacks, has a circular caching dependency that prevents it from ever validating hosts. When a password reset is requested, the ResetPassword notification generates the reset URL using url(route(..., false)), which derives the host from the (spoofable) request. An unauthenticated attacker can trigger a password reset email containing a link pointing to an attacker-controlled domain, enabling token theft and account takeover. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:36:00.420701Z","id":"CVE-2026-34198","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"},{"lang":"en","value":"CWE-640"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/98569e4edbfc316877c9e0d27ea89fab3c49e3bd","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9193","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-cgj8-7m5q-x5gv","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-cgj8-7m5q-x5gv","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42143","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:51.200","lastModified":"2026-07-07T15:16:46.463","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, user-controlled persistent volume names are interpolated into shell commands executed on managed servers without escaping or validation, allowing an authenticated member to inject shell metacharacters and execute commands as root when volume operations are triggered. This issue appears to be fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:40:47.171936Z","id":"CVE-2026-42143","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/d2064dd4998694cda2eabd00149f7c4d1e94c699","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-6pmw-6m96-4v4m","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-6pmw-6m96-4v4m","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42147","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:51.760","lastModified":"2026-07-07T15:16:46.573","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, S3 storage endpoint validation only checks URL format and testConnection() sends a server-side request to the configured endpoint, allowing an authenticated user with storage management permissions to make Coolify request internal or metadata-service URLs. This issue is fixed in version 4.0.0-beta.474."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.474","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:32:53.138107Z","id":"CVE-2026-42147","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/297e9c41e19958f6237919794c28c3fb1d4cda32","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.474","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-pwm4-w33c-wjf3","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-pwm4-w33c-wjf3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42172","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:52.133","lastModified":"2026-07-07T15:16:46.667","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, Sanctum API tokens did not expire, allowing a leaked token to retain access indefinitely until manually revoked. This issue is fixed in version 4.0.0-beta.474."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.474","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:56:57.098110Z","id":"CVE-2026-42172","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/b1a78df58efe3ac38679d18c888b5817c7f01216","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9677","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.474","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-c83f-5ph7-x8xv","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-c83f-5ph7-x8xv","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42200","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:52.923","lastModified":"2026-07-07T13:22:13.557","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, PostgreSQL initialization script (generate_init_scripts() method in app/Actions/Database/StartPostgresql.php) filename handling did not sufficiently restrict paths, allowing an authenticated user to write files outside the intended directory and achieve command execution through database initialization. This issue is fixed in version 4.0.0-beta.474."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.474","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:48:01.024176Z","id":"CVE-2026-42200","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/1cf6c7d0aef8e0edb800ae43f44ded102397cb13","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9681","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.474","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-mv4c-9x67-rrmv","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-mv4c-9x67-rrmv","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-26053","sourceIdentifier":"disclosures@gallagher.com","published":"2026-07-07T05:16:50.117","lastModified":"2026-07-07T14:16:29.567","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An Incorrect Privilege Assignment (CWE-266) vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587(MR1), 9.40 prior to vEL9.40.3130(MR3), 9.30 prior to vEL9.30.3983(MR5), 9.20 prior to vEL9.20.4349(MR7), all versions of 9.10."}],"affected":[{"source":"disclosures@gallagher.com","affectedData":[{"vendor":"Gallagher","product":"Command Centre Server","defaultStatus":"unaffected","versions":[{"version":"9.10","versionType":"custom","status":"affected"},{"version":"9.50","lessThan":"vEL9.50.1587(MR1)","versionType":"custom","status":"affected"},{"version":"9.40","lessThan":"vEL9.40.3130(MR3)","versionType":"custom","status":"affected"},{"version":"9.30","lessThan":"vEL9.30.3983(MR5)","versionType":"custom","status":"affected"},{"version":"9.20","lessThan":"vEL9.20.4349(MR7)","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"disclosures@gallagher.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:37:41.225293Z","id":"CVE-2026-26053","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosures@gallagher.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"references":[{"url":"https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-26053","source":"disclosures@gallagher.com"}]}},{"cve":{"id":"CVE-2026-27790","sourceIdentifier":"disclosures@gallagher.com","published":"2026-07-07T05:16:50.500","lastModified":"2026-07-07T14:16:29.667","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Uncaught Exception (CWE-248) in the T20 Readers allows an authenticated and authorized operator to trigger a restart by sending specific requests, resulting in a temporary denial of service. Version of Command Centre affected:\n\n\n\n\n\n  *  9.50 prior to vCR9.50.260616a (distributed in 9.50.1587(MR1))\n  *  9.40 prior to vCR9.40.260616a (distributed in 9.40.3130(MR3))\n  *  9.30 prior to vCR9.30.260616a (distributed in 9.30.3983(MR5))\n  *  9.20 prior to vCR9.20.260616a (distributed in 9.20.4349(MR7))\n  *  all versions of 9.10 and prior."}],"affected":[{"source":"disclosures@gallagher.com","affectedData":[{"vendor":"Gallagher","product":"T-20 Readers","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"9.10","versionType":"custom","status":"affected"},{"version":"9.50","lessThan":"vCR9.50.260616a","versionType":"custom","status":"affected"},{"version":"9.40","lessThan":"vCR9.40.260616a","versionType":"custom","status":"affected"},{"version":"9.30","lessThan":"vCR9.30.260616a","versionType":"custom","status":"affected"},{"version":"9.20","lessThan":"vCR9.20.260616a","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"disclosures@gallagher.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:37:17.360697Z","id":"CVE-2026-27790","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosures@gallagher.com","type":"Secondary","description":[{"lang":"en","value":"CWE-248"}]}],"references":[{"url":"https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-27790","source":"disclosures@gallagher.com"}]}},{"cve":{"id":"CVE-2026-27844","sourceIdentifier":"disclosures@gallagher.com","published":"2026-07-07T05:16:50.617","lastModified":"2026-07-07T14:16:29.760","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Uncaught Exception (CWE-248) in the Controller 6000 and Controller 7000 diagnostic web interface allows an authenticated and authorized operator to trigger a Controller restart by sending specific requests, resulting in a temporary denial of service. \nVersion of Command Centre affected:\n\n\n\n\n\n  *  9.50 prior to vCR9.50.260616a (distributed in 9.50.1587(MR1))\n  *  9.40 prior to vCR9.40.260616a (distributed in 9.40.3130(MR3))\n  *  9.30 prior to vCR9.30.260616a (distributed in 9.30.3983(MR5))\n  *  9.20 prior to vCR9.20.260616a (distributed in 9.20.4349(MR7))\n  *  all versions of 9.10 and prior."}],"affected":[{"source":"disclosures@gallagher.com","affectedData":[{"vendor":"Gallagher","product":"Controller 7000 and 6000","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"9.10","versionType":"custom","status":"affected"},{"version":"9.50","lessThan":"vCR9.50.260616a","versionType":"custom","status":"affected"},{"version":"9.40","lessThan":"vCR9.40.260616a","versionType":"custom","status":"affected"},{"version":"9.30","lessThan":"vCR9.30.260616a","versionType":"custom","status":"affected"},{"version":"9.20","lessThan":"vCR9.20.260616a","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"disclosures@gallagher.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:36:45.478353Z","id":"CVE-2026-27844","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosures@gallagher.com","type":"Secondary","description":[{"lang":"en","value":"CWE-248"}]}],"references":[{"url":"https://security.gallagher.com/en-NZ/Security-Advisories/CVE-2026-27844","source":"disclosures@gallagher.com"}]}},{"cve":{"id":"CVE-2026-34158","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T05:16:50.730","lastModified":"2026-07-07T14:16:30.277","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, the executeInDocker() helper wraps user-controlled commands in single quotes without escaping embedded single quotes. Attackers who can edit application settings can inject a single quote into docker_compose_custom_build_command or docker_compose_custom_start_command to break out of the quoted context and execute arbitrary commands on the managed server host during deployments, escaping the intended Docker container confinement. This issue is fixed in version 4.0.0-beta.469."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.469","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:38:23.643397Z","id":"CVE-2026-34158","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-j6j2-frv3-g6f7","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-j6j2-frv3-g6f7","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-42201","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T05:16:51.237","lastModified":"2026-07-07T15:16:46.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, database credential fields (redis_password, keydb_password, dragonfly_password, clickhouse_admin_user, clickhouse_admin_password, postgres_user, mysql_user) are validated only as 'string' at the API layer, with zero shell-safety checks. These values are then interpolated directly into Docker Compose YAML command: strings without any escaping. This issue is fixed in version 4.0.0-beta.474."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.474","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:58:05.000375Z","id":"CVE-2026-42201","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/bff6d853708f3d7c861279586f107739036e67da","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9676","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.474","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-f35h-g2c2-q36v","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-f35h-g2c2-q36v","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-12277","sourceIdentifier":"contact@wpscan.com","published":"2026-07-07T06:16:21.893","lastModified":"2026-07-07T16:16:37.180","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Frontend File Manager Plugin WordPress plugin through 23.6 does not validate a file path derived from user input before deleting the referenced file, allowing unauthenticated users to delete arbitrary files on the server (such as wp-config.php) when guest upload mode is enabled. Deleting wp-config.php forces the site into its setup routine, which can be leveraged toward a full site takeover."}],"affected":[{"source":"contact@wpscan.com","affectedData":[{"vendor":"Unknown","product":"Frontend File Manager Plugin","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"23.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T15:30:40.776757Z","id":"CVE-2026-12277","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://wpscan.com/vulnerability/30f208f6-9d7b-4aaf-8689-496521d1a1dc/","source":"contact@wpscan.com"}]}},{"cve":{"id":"CVE-2026-12375","sourceIdentifier":"contact@wpscan.com","published":"2026-07-07T06:16:22.003","lastModified":"2026-07-07T14:16:28.297","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was compromised; the injected backdoor grants unauthenticated attackers an administrator session on affected sites and beacons the site's secret keys and administrator details to attacker-controlled servers."}],"affected":[{"source":"contact@wpscan.com","affectedData":[{"vendor":"Unknown","product":"uncanny-automator-pro","defaultStatus":"unaffected","versions":[{"version":"7.3.0.5","lessThan":"7.3.0.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:15:12.244680Z","id":"CVE-2026-12375","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://wpscan.com/vulnerability/ddc83705-3df6-427c-957b-935135330f73/","source":"contact@wpscan.com"}]}},{"cve":{"id":"CVE-2026-4375","sourceIdentifier":"contact@wpscan.com","published":"2026-07-07T06:16:22.360","lastModified":"2026-07-07T14:16:32.257","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin through 0.65 have been seen to be used to achieve RCE, once they are added adding to a blog, for example using a vulnerability where unclosed extensions from wordpress.org can be installed by unauthorized users."}],"affected":[{"source":"contact@wpscan.com","affectedData":[{"vendor":"Unknown","product":"DoLeads Integrator","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"0.65","versionType":"semver","status":"affected"}]},{"vendor":"Unknown","product":"wp2epub","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"0.65","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:17:36.198319Z","id":"CVE-2026-4375","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://wpscan.com/vulnerability/dd043e6c-e6c6-4c8d-aab0-5265d28f5cf6/","source":"contact@wpscan.com"}]}},{"cve":{"id":"CVE-2026-57867","sourceIdentifier":"vdp@themissinglink.com.au","published":"2026-07-07T06:16:22.473","lastModified":"2026-07-07T14:16:33.097","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"MicroRealEstate allows adversaries to bypass authentication due to a lack of token state management. This would permit adversaries targeting MicroRealEstate deployments to brute-force One-Time Passwords (OTP) to log in as any user. This issue affects MicroRealEstate: through 1.0.0-alpha3."}],"affected":[{"source":"vdp@themissinglink.com.au","affectedData":[{"vendor":"MicroRealEstate","product":"MicroRealEstate","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"1.0.0-alpha3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"vdp@themissinglink.com.au","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:34:55.343716Z","id":"CVE-2026-57867","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vdp@themissinglink.com.au","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]}],"references":[{"url":"https://github.com/microrealestate/microrealestate","source":"vdp@themissinglink.com.au"},{"url":"https://www.themissinglink.com.au/security-advisories/cve-2026-57867","source":"vdp@themissinglink.com.au"}]}},{"cve":{"id":"CVE-2026-57868","sourceIdentifier":"vdp@themissinglink.com.au","published":"2026-07-07T06:16:22.633","lastModified":"2026-07-07T14:16:33.210","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"MicroRealEstate is affected by broken object-level access controls in PDF generator functionality.\n\nThis issue affects MicroRealEstate: through 1.0.0-alpha3."}],"affected":[{"source":"vdp@themissinglink.com.au","affectedData":[{"vendor":"MicroRealEstate","product":"MicroRealEstate","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"1.0.0-alpha3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"vdp@themissinglink.com.au","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:31:49.257188Z","id":"CVE-2026-57868","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vdp@themissinglink.com.au","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/microrealestate/microrealestate","source":"vdp@themissinglink.com.au"},{"url":"https://www.themissinglink.com.au/security-advisories/cve-2026-57868","source":"vdp@themissinglink.com.au"}]}},{"cve":{"id":"CVE-2026-57869","sourceIdentifier":"vdp@themissinglink.com.au","published":"2026-07-07T06:16:22.750","lastModified":"2026-07-07T14:16:33.317","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents uploaded by landlords or tenants without authorization.\n\nThis issue affects MicroRealEstate: through 1.0.0-alpha3."}],"affected":[{"source":"vdp@themissinglink.com.au","affectedData":[{"vendor":"MicroRealEstate","product":"MicroRealEstate","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"1.0.0-alpha3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"vdp@themissinglink.com.au","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:32:30.572324Z","id":"CVE-2026-57869","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vdp@themissinglink.com.au","type":"Secondary","description":[{"lang":"en","value":"CWE-639"},{"lang":"en","value":"CWE-1241"}]}],"references":[{"url":"https://github.com/microrealestate/microrealestate","source":"vdp@themissinglink.com.au"},{"url":"https://www.themissinglink.com.au/security-advisories/cve-2026-57869","source":"vdp@themissinglink.com.au"}]}},{"cve":{"id":"CVE-2026-57870","sourceIdentifier":"vdp@themissinglink.com.au","published":"2026-07-07T06:16:22.890","lastModified":"2026-07-07T14:16:33.430","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Broken object-level access control on the Template API in MicroRealEstate allows attackers to retrieve document templates used by other organizations without authorization.\n\nThis issue affects MicroRealEstate: through 1.0.0-alpha3."}],"affected":[{"source":"vdp@themissinglink.com.au","affectedData":[{"vendor":"MicroRealEstate","product":"MicroRealEstate","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"1.0.0-alpha3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"vdp@themissinglink.com.au","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:33:09.201742Z","id":"CVE-2026-57870","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vdp@themissinglink.com.au","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/microrealestate/microrealestate","source":"vdp@themissinglink.com.au"},{"url":"https://www.themissinglink.com.au/security-advisories/cve-2026-57870","source":"vdp@themissinglink.com.au"}]}},{"cve":{"id":"CVE-2026-57871","sourceIdentifier":"vdp@themissinglink.com.au","published":"2026-07-07T06:16:23.017","lastModified":"2026-07-07T14:16:33.533","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Relative path traversal vulnerability in MicroRealEstate file upload functionality allows attackers to potentially overwrite system files.\n\nThis issue affects MicroRealEstate: through 1.0.0-alpha3."}],"affected":[{"source":"vdp@themissinglink.com.au","affectedData":[{"vendor":"MicroRealEstate","product":"MicroRealEstate","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"1.0.0-alpha3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"vdp@themissinglink.com.au","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:33:34.529387Z","id":"CVE-2026-57871","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vdp@themissinglink.com.au","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]}],"references":[{"url":"https://github.com/microrealestate/microrealestate","source":"vdp@themissinglink.com.au"},{"url":"https://www.themissinglink.com.au/security-advisories/cve-2026-57871","source":"vdp@themissinglink.com.au"}]}},{"cve":{"id":"CVE-2026-58315","sourceIdentifier":"vultures@jpcert.or.jp","published":"2026-07-07T06:16:23.147","lastModified":"2026-07-07T14:16:33.793","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery vulnerability exists in SEIKO EPSON Web Config. If a user views a malicious page while logged into Web Config, unintended operations may be performed."}],"affected":[{"source":"vultures@jpcert.or.jp","affectedData":[{"vendor":"SEIKO EPSON CORPORATION","product":"Web Config","versions":[{"version":"See the information/details provided by the vendor","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV30":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:34:04.279358Z","id":"CVE-2026-58315","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vultures@jpcert.or.jp","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN87285119/","source":"vultures@jpcert.or.jp"},{"url":"https://www.epson.jp/news/info/a-security202607.htm","source":"vultures@jpcert.or.jp"}]}},{"cve":{"id":"CVE-2026-5730","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-07T08:16:25.540","lastModified":"2026-07-07T14:16:34.343","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers.\n\nThis issue affects Ontime: through 04052026."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Idvlabs Software and Consulting Services Inc.","product":"Ontime","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"04052026","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:25:25.847593Z","id":"CVE-2026-5730","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0503","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-5799","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-07T08:16:25.677","lastModified":"2026-07-07T14:16:34.440","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers.\n\nThis issue affects Ontime: through 04052026."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Idvlabs Software and Consulting Services Inc.","product":"Ontime","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"04052026","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:26:31.856904Z","id":"CVE-2026-5799","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0503","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-7380","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-07T08:16:25.793","lastModified":"2026-07-07T14:16:34.677","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows XSS Targeting HTML Attributes.\n\nThis issue affects Access Control System (GKS): before Version 2."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Armiya Information Technologies Ltd. Co.","product":"Access Control System (GKS)","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"Version 2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:24:56.062764Z","id":"CVE-2026-7380","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-80"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0502","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-8306","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-07T08:16:25.910","lastModified":"2026-07-07T14:16:34.773","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows Stored XSS.\n\nThis issue affects Access Control System (GKS): before Version 2."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Armiya Information Technologies Ltd. Co.","product":"Access Control System (GKS)","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"Version 2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:27:23.786490Z","id":"CVE-2026-8306","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0502","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-8309","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-07T08:16:26.023","lastModified":"2026-07-07T14:16:34.870","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows Reflected XSS.\n\nThis issue affects Access Control System (GKS): before Version 2."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Armiya Information Technologies Ltd. Co.","product":"Access Control System (GKS)","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"Version 2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:28:35.947494Z","id":"CVE-2026-8309","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0502","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-8377","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-07T08:16:26.127","lastModified":"2026-07-07T14:16:34.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authorization vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) allows Collect Data from Common Resource Locations.\n\nThis issue affects Access Control System (GKS): before Version 2."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Armiya Information Technologies Ltd. Co.","product":"Access Control System (GKS)","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"Version 2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:29:03.658771Z","id":"CVE-2026-8377","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0502","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-13199","sourceIdentifier":"prodsec@nozominetworks.com","published":"2026-07-07T09:16:29.857","lastModified":"2026-07-07T14:16:28.447","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"EEPROM firmware on Raspberry Pi 5 and Compute Module 5 devices produced non-random KASLR and RNG seed values. This resulted in consistent kernel addresses across boots and devices, potentially making it easier to exploit other vulnerabilities. Additionally, the low-quality RNG seed may affect the quality of random numbers or delay booting while sufficient entropy is accumulated from other sources."}],"affected":[{"source":"prodsec@nozominetworks.com","affectedData":[{"vendor":"Raspberry Pi","product":"Raspberry Pi 5 and Compute Module 5","defaultStatus":"unaffected","packageName":"rpi-eeprom","modules":["EEPROM firmware"],"platforms":["Linux"],"packageURL":"pkg:deb/debian/rpi-eeprom","versions":[{"version":"0","lessThan":"28.22-1","versionType":"apt","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"prodsec@nozominetworks.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.5,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:21:12.730043Z","id":"CVE-2026-13199","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"prodsec@nozominetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-331"}]}],"references":[{"url":"https://github.com/raspberrypi/rpi-eeprom/pull/841","source":"prodsec@nozominetworks.com"},{"url":"https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2026-13199","source":"prodsec@nozominetworks.com"}]}},{"cve":{"id":"CVE-2026-14474","sourceIdentifier":"secalert@redhat.com","published":"2026-07-07T10:16:39.870","lastModified":"2026-07-07T14:16:28.947","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in SSSD's LDAP sudo provider. When the ldap_sudo_search_base option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo privileges on all SSSD-enrolled hosts."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:41:44.076680Z","id":"CVE-2026-14474","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1188"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-14474","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2496556","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-14476","sourceIdentifier":"secalert@redhat.com","published":"2026-07-07T10:16:39.993","lastModified":"2026-07-07T15:16:42.940","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A path traversal flaw was found in SSSD's AD GPO provider. The ad_gpo_extract_smb_components() function does not sanitize .. sequences in the gPCFileSysPath LDAP attribute, allowing an attacker with AD GPO management access to write files outside the GPO cache directory as root. On default RHEL configurations with SELinux enforcing, this can be used to inject Kerberos configuration leading to authentication bypass."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"sssd","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:34:29.054689Z","id":"CVE-2026-14476","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-14476","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2496581","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-11340","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-07T11:16:32.247","lastModified":"2026-07-07T13:19:36.010","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authorization vulnerability in HAVELSAN Inc. Liman MYS allows Accessing Functionality Not Properly Constrained by ACLs.\n\nThis issue affects Liman MYS: before release.Master.1107."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"HAVELSAN Inc.","product":"Liman MYS","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"release.master.1107","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:04:46.256043Z","id":"CVE-2026-11340","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0504","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2011-10043","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-07-07T12:16:24.880","lastModified":"2026-07-07T17:16:31.890","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded.\n\nModule names starting with \"::\" could be passed to the load function to specify arbitrary module paths.\n\nAttackers able to influence module names passed to load could use that bug to execute arbitrary code."}],"affected":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","affectedData":[{"vendor":"BINGOS","product":"Module::Load","defaultStatus":"unaffected","collectionURL":"https://cpan.org/modules","packageName":"Module-Load","programFiles":["lib/Module/Load.pm"],"programRoutines":[{"name":"Module::Load::_to_file"}],"repo":"https://github.com/jib/module-load","versions":[{"version":"0","lessThan":"0.22","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T16:04:25.108284Z","id":"CVE-2011-10043","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-145"}]}],"references":[{"url":"https://blogs.perl.org/users/michael_g_schwern/2011/10/how-not-to-load-a-module-or-bad-interfaces-make-good-people-do-bad-things.html","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://metacpan.org/release/BINGOS/Module-Load-0.22/changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://metacpan.org/release/BINGOS/Module-Load-0.22/diff/BINGOS/Module-Load-0.20/lib/Module/Load.pm","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"}]}},{"cve":{"id":"CVE-2026-11348","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-07T12:16:28.617","lastModified":"2026-07-07T14:16:27.720","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper verification of cryptographic signature vulnerability in HAVELSAN Inc. Liman MYS allows Fake the Source of Data.\n\nThis issue affects Liman MYS: before release.Master.1107."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"HAVELSAN Inc.","product":"Liman MYS","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"release.master.1107","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:22:39.464228Z","id":"CVE-2026-11348","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-347"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0504","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-13696","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-07T12:16:32.730","lastModified":"2026-07-07T14:16:28.740","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in HAVELSAN Inc. Liman MYS allows LDAP Injection.\n\nThis issue affects Liman MYS: before release.Master.1107."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"HAVELSAN Inc.","product":"Liman MYS","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"release.master.1107","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:23:27.581114Z","id":"CVE-2026-13696","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-90"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0504","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-6101","sourceIdentifier":"security@wordfence.com","published":"2026-07-07T14:16:34.543","lastModified":"2026-07-07T15:16:49.807","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Arbitrary File Write in versions up to and including 1.1.12. This is due to unsafe ZIP file extraction in the ampforwp_save_local_font() function combined with inadequate cleanup that fails to remove nested directories and files. This makes it possible for authenticated attackers, with Author-level access and above, and permissions granted by an Administrator, to write arbitrary files to the server in a web-accessible location, potentially leading to remote code execution on hosts that execute PHP files in the uploads directory."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"mohammed_kaludi","product":"AMP for WP – Accelerated Mobile Pages","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.1.12","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:12:15.826434Z","id":"CVE-2026-6101","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-73"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/tags/1.1.12/accelerated-moblie-pages.php#L1616","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/tags/1.1.12/includes/options/admin-config.php#L1700","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/tags/1.1.12/includes/options/redux-core/core/panel.php#L175","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/tags/1.1.12/includes/options/redux-core/framework.php#L2832","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/trunk/accelerated-moblie-pages.php#L1616","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/trunk/includes/options/admin-config.php#L1700","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/trunk/includes/options/redux-core/core/panel.php#L175","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/accelerated-mobile-pages/trunk/includes/options/redux-core/framework.php#L2832","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset/3512870/","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/b594d0e9-d805-48b9-bfd4-4cc77dd3a70e?source=cve","source":"security@wordfence.com"}]}}]}